I am using authlogic for authentication in my Rails app. Have named routes for the frequent actions, viz:
map.login "login", :controller => "user_sessions", :action => "new"
map.logout "logout", :controller => "user_sessions", :action => "destroy"
map.register "register", :controller => "users", :a开发者_Go百科ction => "new"
map.edit 'user/edit/:id', :controller => "users", :action => "edit"
But also in my routes.rb i have these automatically created REST routes too:
map.resources :user_sessions
map.resources :users
The problem now is that a user can login from two different routes. Ex: From, http://localhost/login and also from http ://localhost/user_sessions/new. How do i restrict access only from the named route i have defined and not allow from user_sessions/new?
You need to exclude new
action from your restful routes. Very simple:
map.resources :user_sessions, :except => [:new]
See the marvellous ApiDock for reference.
精彩评论