lme*_*ino 5 ruby authentication sinatra padrino
我正在关注Padrino的博客教程,现在我遇到了我有两个应用程序的问题:管理员,应用程序和我不知道如何访问来自App内部管理员的经过身份验证的帐户.例如,在views/posts/show.haml里面我希望能够使用logged_in吗?帮助器,但它总是返回false,因为我怀疑必须以其他方式访问current_account变量.我错过了什么?
# admin/app.rb
module MyCompany
class Admin < Padrino::Application
use ActiveRecord::ConnectionAdapters::ConnectionManagement
register Padrino::Mailer
register Padrino::Helpers
register Padrino::Admin::AccessControl
set :admin_model, 'Account'
set :login_page, '/sessions/new'
enable :sessions
disable :store_location
access_control.roles_for :any do |role|
role.protect '/'
role.allow '/sessions'
end
access_control.roles_for :admin do |role|
role.project_module :posts, '/posts'
role.project_module :accounts, '/accounts'
end
# Custom error management
error(403) { @title = "Error 403"; render('errors/403', :layout => :error) }
error(404) { @title = "Error 404"; render('errors/404', :layout => :error) }
error(500) { @title = "Error 500"; render('errors/500', :layout => :error) }
end
end
# app/app.rb
module MyCompany
class App < Padrino::Application
use ActiveRecord::ConnectionAdapters::ConnectionManagement
register SassInitializer
register CompassInitializer
register Padrino::Mailer
register Padrino::Helpers
register Padrino::Assets
register Padrino::CSRF
configure :production do
set :js_compressor, Uglifier.new(mangle: false)
set :css_compressor, :yui
set :precompile_assets, [/^\w\.(?!(?:css|js)$)/i]
end
configure :test do
set :raise_errors, true
set :show_exceptions, false
end
enable :sessions
enable :prevent_request_forgery
# Don't blow up when we can't find something
error ActiveRecord::RecordNotFound do
halt 404
render 'errors/404'
end
error 404 do
render 'errors/404'
end
error 500 do
render 'errors/500'
end
end
end
更新:
最后,我找到了一个解决方法,它通过为两个应用程序共享相同的值来覆盖session_id,以便帮助程序方法找到相同的登录帐户:
Padrino.configure_apps do
enable :sessions
set :session_secret, 'mycustomsessionsecret'
set :protection, :except => :path_traversal
set :protect_from_csrf, true
## here starts the change, I assume first_app to be 'Admin'
first_app = Padrino.mounted_apps.first
if first_app
set :session_id, "#{first_app.app_obj.session_id}"
end
end
每个处理身份验证助手的应用都必须包含此模块:
register Padrino::Admin::AccessControl
如果有更好的解决方案,我很高兴听到它,但这对我有用.
| 归档时间: |
|
| 查看次数: |
470 次 |
| 最近记录: |