hello_its_me
Reputation: 793
Protect routes from users who are not signed in
I'm using Rails 4 and Devise to authenticate users. Once a user logs in, they are redirected to a sinatra app. I need the route to that page to be protected from unsigned-in users.
So the route I need to prevent users from visiting if they are not signed in is /kibana
Here is my routes files:
devise_for :user
root 'pages#home'
mount Kibana::Sinatra::Web => '/kibana', :trailing_slash => true
Any help is much appreciated, thank you.
EDIT here is my ApplicationController file
protect_from_forgery
before_filter :check_user
private
def check_user
if request.fullpath =~ /kibana/ && !user_signed_in?
authenticate :user do
end
end
end
Yet, not the result I need. When I visit localhost:3000 it redirects me to the user login with the note that I need to be logged in, but when I visit /kibana/ it just shows it without having to be logged in.
Upvotes: 0
Views: 1454
Answers (1)
blelump
Reputation: 3243
More or less this way:
class ApplicationController
before_filter :check_user
private
def check_user
if !current_user && request.fullpath =~ /kibana/
redirect_to your_app_login_url
end
end
end
Edit:
It looks like I was wrong, within your routes.rb:
authenticate :user do
mount Kibana::Sinatra::Web => '/kibana', :trailing_slash => true
end
Upvotes: 1
Related Questions
- Authenticated and unauthenticated routes for Devise
- authenticated and unauthenticated routes in rails 5
- Rails 4 devise - redirect user if not authenticated
- devise skip authentication based on route
- Restrict routes to certain users in Rails app
- RAILS: Securing route to customer to prevent unauthorized access
- Rails4+Devise: "hide" routes when user is not authenticated
- Devise authenticated route
- Rails routes and limiting authentication by association
- Restrict certain routes to logged in users