Skip to content

HowTo: Password protecting pages

Jump to bottom Edit New page
Oleg edited this page Nov 21, 2017 · 2 revisions

Password protecting CMS pages is easy. All you need to do is create a module with authenticate method. Like so:

module CmsPagesAuth
  def authenticate
    redirect_to login_path unless current_user
  end
end

Then in the initializer un-comment and change following line to this:

config.public_auth = 'CmsPagesAuth'

Inside that method you have access to @cms_site, @cms_layout and @cms_page so you can use those in your authentication logic. Please note that this authentication only happens when requested page is found.

Here's example of how to protect /secret/page/path page with BasicAuth

module CmsPagesAuth
  def authenticate
    protected_paths = ['secret/page/path', 'so/very/protected', 'no-access']
    return unless protected_paths.member?(params['cms_path'])
    authenticate_or_request_with_http_basic do |username, password|
      username == 'secret_username' && password == 'secret_password'
    end
  end
end

Help and Contact

Gitter: https://gitter.im/comfy/comfortable-mexican-sofa Twitter: @GroceryBagHead

Getting Started

Managing Content

How-Tos

Clone this wiki locally