You need to build a system to restrict registered users’ access to certain resources. In short, you need users to log in.
restful_authentication Rails plug-in, with the default Rails cookie session storage, to make sure an authenticated user exists before allowing access to certain controllers.
Sooner or later, just about every web app needs to track users and restrict access to certain resources based on whether users are logged in or not. Luckily, a tried-and-true Rails plug-in called
restful_authentication helps us with all those things with just a few commands and a bit of configuration.
Starting a few versions ago, the default session store for Rails became ...