Restrict access to docs

[jogaco]

I'd like to restrict access to the documentation to logged-in users. I use devise for authentication. I guess this is not implemented, right?

[jejacks0n]

Mount the engine within a constraint or inherit the controller. Both are pretty basic approaches.

I think devise even has an "authenticated" routing constraint.

---

Jeremy Jackson

On Jul 30, 2014, at 4:57 AM, "J. Garcia" notifications@github.com wrote:

I'd like to restrict access to the documentation to logged-in users. I use devise for authentication. I guess this is not implemented, right?

—
Reply to this email directly or view it on GitHub.

[jogaco]

I've been trying to extend the controller with no luck. The extended controller would never be called.
Any pointer on how to achieve either option would be appreciated.

[jejacks0n]

https://github.com/plataformatec/devise/blob/master/lib/devise/rails/routes.rb#L295

1. configure apitome to not mount itself (covered in the readme) by setting mount_at to nil.
2. in your routes:

authenticated do
  mount Apitome::Engine => '/your_custom_path'
end

You can adjust the authenticated constraint as you need, as outlined in the code at the above link. It should be noted that this isn't at all related to apitome, but you're welcome. =)

[jogaco]

Many thanks for the tip.
I ended up securing the route within the controller, to give a chance to the user to authenticate.

class ApidocsController < Apitome::DocsController
    before_filter :authenticate_user!

    def index
        super
    end
end

[jejacks0n]

cool. you can omit the index method fyi, as it will make it into the super by default.