im trying to create a login page, i would like all traffic to be
directed to this login…
sessions/new.html.erb <—login form
sessions/home.html.erb
sessions/index.html.erb
sessions/console.html.erb
i hope to restrict access to these 3 documents… currently the simple
hello world example for these 3 documents will work just fine…
[code]
rails g controllers sessions home index console new create destroy
[controller/sessions/application_controller.rb]
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
session :session_key => ‘_railscasts_session_id’
helper_method :admin?
protected
def authorize
unless admin?
flash[:notice] = “Unauthorized access”
redirect_to home_path
false
end
end
def admin?
session[:password] == “secret”
end
end
[controller/sessions/sessions_controller.rb]
class SessionsController < ApplicationController
def new
end
def home
end
def index
end
def console
end
def create
session[:password] = params[:password]
flash[:notice] = “Successfully logged in”
redirect_to home_path
end
def destroy
reset_session
flash[:notice] = “Successfully logged out”
redirect_to login_path
end
end
[view/sessions/new.html.erb]
new.html.erb
<%= form_tag sessions_path do %> Password: <%= password_field_tag :password %> <%= submit_tag "Login" %> <% end %>
[config/routes.rb]
Rails.application.routes.draw do
get ‘sessions/new’
get ‘sessions/index’
get ‘sessions/home’
get ‘sessions/console’
get ‘sessions/create’
get ‘sessions/destroy’
resources :controller, :sessions
resources ‘’, :controller => ‘sessions’, :action => ‘new’
root ‘’, :controller => ‘sessions’, :action => ‘new’
get ‘login’, :controller => ‘sessions’, :action => ‘create’
get ‘logout’, :controller => ‘sessions’, :action => ‘destroy’
For details on the DSL available within this file, see
end