throw user to login if trying to edit without logging in
authorSteve Coast <steve@asklater.com>
Sat, 7 Apr 2007 10:28:38 +0000 (10:28 +0000)
committerSteve Coast <steve@asklater.com>
Sat, 7 Apr 2007 10:28:38 +0000 (10:28 +0000)
app/controllers/application.rb
app/controllers/site_controller.rb

index a4f65cd54b9d30bb095285b370b402ecabdeb818..6520e027bc8b5a35b127fe9c15667d4964215235 100644 (file)
@@ -6,6 +6,10 @@ class ApplicationController < ActionController::Base
     @user = User.find_by_token(session[:token])
   end
 
+  def require_user
+    redirect_to :controller => 'user', :action => 'login' unless @user
+  end
+
   def authorize(realm='Web Password', errormessage="Could't authenticate you") \r
     username, passwd = get_auth_data # parse from headers\r
     # authenticate per-scheme
index 380c41436d92c4f71993262e4d62e5cf3b817496..f4ccd3c742cc7e1ebb9fd1e56a98d7ae2ce86a62 100644 (file)
@@ -1,6 +1,6 @@
 class SiteController < ApplicationController
   before_filter :authorize_web
-
+  before_filter :require_user, :only => [:edit]
   def index
 
   end