On Jan 11, 2008 12:56 PM, Cody P. Skidmore <[EMAIL PROTECTED]> wrote:
> Thank you Zach. I was just about to ask about this. I'm just getting
> started with restful_authentication and have missed the context of your
> point. restful_authentication is such a huge improvement over what I'm
> use to.
>
> Could you elaborate just a little on the use context in controllers? Is
> this called from the "authenticate" method in the controller?
>
Here is a before filter in our ApplicationController for attempting to
log the user in from a cookie:
Here is what we have in our application controller as a before filter
for logging in from a controller:
def login_from_cookie
session[:invitation_code] = params[:code] if params[:code]
unless logged_in?
login = @login_manager.login_from_cookie(cookies, session)
if login.successful?
flash[:notice] = login.message
self.current_user = login.user
unless login.return_to.blank?
redirect_to login.return_to
return false
end
end
end
end
And here is our SessionsController#create method for how to log in a
user from their credentials:
def create
login = @login_manager.login_with_credentials(params[:login],
session, cookies)
if login.successful?
self.current_user = login.user
flash[:notice] = login.message
redirect_to(login.return_to || home_path)
session[:return_to] = nil
else
flash[:error] = login.message
redirect_to signup_path(:login => {:email => params[:login][:email]})
end
end
You'll notice that we already have a @login_manager instance variable
accessible in both cases. This is because of our use of the Injection
plugin to automatically assign one for us from a global application
context. You don't have to do that (but we like it because it
decouples our controllers from implementation). You could construct a
LoginManager where you need it, ie:
LoginManager.new.login_with_credentials(....)
We didn't set the methods up as class methods on LoginManager (ie:
LoginManager.login_with_credentials) because we like to work with
instances. We feel they are easier to test and refactor and it helps
us avoid the temptation of adding class methods and instance methods
which often times can lead to mixing multiple responsibilities onto an
object. We're big fan of single responsibility.
HTH,
--
Zach Dennis
http://www.continuousthinking.com
_______________________________________________
rspec-users mailing list
rspec-users@rubyforge.org
http://rubyforge.org/mailman/listinfo/rspec-users
