Sometime you have an app that doesn't need full authentication, but you'd like to be able to limit some pages to admins only. This is the story of that app...
This was originally presented at MerbDayAtlanta. The orginal slides are located in the Merbday GitHub Repo.
Because it's not returning a standard user object. Even with a merb-auth strategy, you still need to return a basic user object. It would work correctly alone, but if you roll merb-auth into your project and you'd have two possible user objects being stored, a complete dm user objects, and a simple OpenID. Also, merb-auth doesn't do authorization, just authentication. I'm going to revisit this once merb-authz is rolled into merb.
Install the gem from the cloned repo
git clone git://github.com/markpercival/quickadmin.git
cd quickadmin
sudo rake install
Add the following to dependencies.rb
dependency 'quickadmin'
and then add this to router.rb
slice(:quickadmin, :name_prefix => nil, :path_prefix => "")
On any page you want to protect just create a before filter:
before :ensure_quickadmin, :only => [:index, :edit]
Add the authorized OpenID's to 'config/quickadmins.yaml'
- mpercival.com
- gweezelbur.com
- john.schult.us
It will auto-magically create the necessary 'config/quickadmins.yaml' on the first load if you don't already have one.
- Official Repo: http://github.com/markpercival/quickadmin
- © 2008, Mark Percival - mark@mpercival.com
- Released under the MIT License