使用用户或管理员模型和 Basecamp 样式子域设计登录 [英] Devise login with user or admin models and Basecamp style subdomains

问题描述

我为 Devise 用户和管理员设置了不同的模型.我也在使用 Basecamp 风格的子域.除了一些控制器和操作，我需要能够以用户或管理员身份进行身份验证外，一切都运行良好.

I have separate models for Devise users and admins. I am also using Basecamp style subdomains. Everything is working well except for a few controllers and actions where I need to be able to authenticate as either a user or as an admin.

目前我有authenticate_user！在我的 application_controller.rb 中设置，对于只有管理员才能访问的控制器和操作，我正在使用 skip_before_filter 跳过它.

Currently I have authenticate_user! set in my application_controller.rb and I am skipping it with skip_before_filter for those controllers and actions that only admins should have access to.

不幸的是，我不能简单地在每个控制器上指定身份验证要求，因为我仍然需要一些控制器和操作才能被用户或管理员访问.

Unfortunately I cannot simply specify the authentication requirement on each controller as I will still need some controllers and action to be access by both a User or an Admin.

我尝试了一些方法都无济于事.看来，如果我移动authenticate_user！和authenticate_admin！进入它无法处理的某种子域检测逻辑.基本上:

I have tried a few things to no avail. It seems that if I move the authenticate_user! and authenticate_admin! into some sort of subdomain detection logic it fails to process. Basically:

current_subdomain = request.subdomains.first    
if current_subdomain == 'admin'
 authenticate_admin!
else
 authenticate_user!
end

我曾经能够让它尝试进行身份验证，但由于某种原因，它无法让会话控制器不需要身份验证，从而导致重定向循环(我第一次使用 Ruby！).

I was, at one point, able to get it to attempt authentication but for some reason it was failing to except the session controller from needing authentication which resulted in a redirection loop (a first for me with Ruby!).

我意识到我可以向我的用户添加一个字段来表示管理员状态，但应用程序要求用户和管理员之间的权力分离比允许的更大，除了一些控制器和操作.

I realize that I could add a field to my User that denotes admin status, but the application requires a greater separation of powers between User and Admin than that will allow, except for a few controllers and actions.

• Ruby 1.9.2
• Rails 3.0.3
• 设计 1.1.3

推荐答案

尝试按照

#application_controller.rb
def authenticate_any!
    if admin_signed_in?
        true
    else
        authenticate_user!
    end
end

然后在您希望管理员和用户都能够通过身份验证访问的控制器中使用

then in the controller where you want both admins and user to be able to have access through authentication use

#myobject_controller.rb
before_filter :authenticate_any!

如果您以管理员身份登录，那么您将通过before_filter，否则您将通过authenticate_user！这是默认行为.

If you have logged in as an admin then you will pass the before_filter, otherwise you will go through authenticate_user! which is the default behaviour.

这篇关于使用用户或管理员模型和 Basecamp 样式子域设计登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！