0

I have gone through and looked at a bunch of screen casts (http://railscasts.com/episodes/270-authentication-in-rails-3-1) and tutorials (http://ruby.railstutorial.org/chapters/modeling-and-viewing-users-two?version=2.3#sec:secure_passwords) but I can't seem to find or apply what I am learning to create a single view password protected.

As of now I am generating a random password and showing it to the user to go back and view a file they have uploaded (generated using SecureRandom.hex). However, I know that using http_basic doesn't seem to work when I restrict it only to the show view and method in my controller : http_basic_authenticate_with :password => :passcode, :only => :show

I know that line of code does not work because :passcode does not reference the individual files password that was created.

Also, I know that http_basic_authenticate_with is not the way it should be done for secure passwords, so how would you go about this using has_secure_password etc?

user1470511
  • 339
  • 1
  • 3
  • 14

1 Answers1

0

You can try to encapsulate the http_basic_authenticate_with :password => :passcode in a method in your controller, and call the before_filter to call that method.
Something like that: 

before_filter :restrict, :only => :show

def show
end

def restrict
  http_basic_authenticate_with :password => :passcode
end
squiter
  • 5,711
  • 4
  • 24
  • 24
  • The only issue that I get when using the solution is that I am getting the error "undefined method `http_basic_authenticate_with'." Does http_basic_authenticate_with have to be at the top of the controller? – user1470511 Jul 11 '12 at 14:13
  • I do not know if this work, but try to define the method with a self. like: `def self.restrict`. – squiter Jul 11 '12 at 14:15
  • 1
    I ended up getting this to work: authenticate_or_request_with_http_basic do |user, password| password == @file.passcode && user == "" end – user1470511 Jul 11 '12 at 14:17