On Wed, Nov 26, 2008 at 7:57 PM, Jan Kassens <[EMAIL PROTECTED]> wrote:
> > On Nov 26, 2008, at 1:03, Daniel N wrote: > > It seems that there are a few requests for the other though, where it will > actively try to log someone in if they're not logged in, and just let it > pass if it fails. Is this what you mean? > > > Yep, thats exactly what I was trying to do, and this block inside the > action seems to do the trick, but it's a hack: > > begin > session.authenticate! request, params > rescue Unauthenticated > # Don't require the login > end > > If I'm passing passing valid http basic authentication login details via > curl it actively logins, but works as unauthenticated if not. > > -- > Jan - MooTools comitter > twitter/blog: http://kassens.net > > gotcha. This should be done in a before filter tbh since you really only want to rescue the unauthenticated error but allow redirection for stuff like openid right? I've been thinking about adding a method like try_authentication which would effectively be something like this before :try_authentication private def try_authentication(*args) begin ensure_authenticated(*args) rescue Unauthenticated end end So basically the same as what you have, but I'd let ensure_authenticated handle it so it could do redirection and throwing and other before filtery stuff. There would be a simliar solution for routes as well. It'd be nice if someone could test it out and let me know how it works first though ;) ;) Cheers Daniel --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "merb" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/merb?hl=en -~----------~----~----~----~------~----~------~--~---
