pyrat / ssl_requirement fork watch download tarball
public
Description: github version of ssl_requirement
Homepage: http://dev.rubyonrails.org/browser/plugins/ssl_requirement/
Clone URL: git://github.com/pyrat/ssl_requirement.git 
Updated readme
pyrat (author)
Thu Apr 17 02:38:50 -0700 2008
commit  130963fb79a6f664669a39cf81660ccbb5a1ed8f
tree    f70fd0bd01034b4887e6004e712583b4594150ff
parent  02df45c9cd82682fb3fc637571cf1dc25349c3d2
name age
history
message
file README Thu Apr 17 02:38:50 -0700 2008 Updated readme [pyrat]
directory lib/ Thu Apr 17 02:35:43 -0700 2008 Init commit of improved plugin [pyrat]
directory test/ Thu Apr 17 02:35:43 -0700 2008 Init commit of improved plugin [pyrat]
README
SSL Requirement
===============

SSL requirement adds a declarative way of specifying that certain actions
should only be allowed to run under SSL, and if they're accessed without it,
they should be redirected.

If the rails_env is test or development the redirection is not performed.

Example:

  class ApplicationController < ActiveRecord::Base
    include SslRequirement
  end

  class AccountController < ApplicationController
    ssl_required :signup, :payment
    ssl_allowed :index
    
    def signup
      # Non-SSL access will be redirected to SSL
    end
    
    def payment
      # Non-SSL access will be redirected to SSL
    end

    def index
      # This action will work either with or without SSL
    end

    def other
      # SSL access will be redirected to non-SSL
    end
  end
  
You can overwrite the protected method ssl_required? to rely on other things
than just the declarative specification. Say, only premium accounts get SSL.

P.S.: Beware when you include the SslRequirement module. At the time of
inclusion, it'll add the before_filter that validates the declarations. Some
times you'll want to run other before_filters before that. They should then be
declared ahead of including this module.

Copyright (c) 2005 David Heinemeier Hansson, released under the MIT license