O'Reilly logo

Learning Rails: Live Edition by Edd Dumbill, Simon St. Laurent

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Test Your Knowledge

Quiz

  1. Where is user and password information stored?

  2. Where do you need to include AuthenticatedSystem to make authentication available?

  3. How you tell a controller that users must be logged in to use that controller?

  4. Where do you modify the rules that authorize users to have certain privileges?

  5. How do you keep the logs from storing potentially sensitive security-related information?

Answers

  1. User and password information is stored in the database, in a model you name when you first generate the authentication mechanisms.

  2. You could put include AuthenticatedSystem in each of your controllers, but it’s no doubt easiest to put it into the ApplicationController class in app/controllers/application.rb.

  3. The before_filter :login_required method will block requests by unauthenticated users.

  4. You can redefine the authorized? method in the ApplicationController class in app/controllers/application.rb.

  5. You can keep sensitive information out of the logs with filter_parameter_logging.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required