diff options
| author | Pratik Naik <pratiknaik@gmail.com> | 2008-10-21 18:33:40 +0100 |
|---|---|---|
| committer | Pratik Naik <pratiknaik@gmail.com> | 2008-10-21 18:33:40 +0100 |
| commit | a03e2b356c66ddc8809fa2b23a2a7d652f173b8b (patch) | |
| tree | ab8552913475bf94a78e4cbfbae804b2ecd9eca2 /railties/doc/guides/source/actioncontroller_basics/verification.txt | |
| parent | 18542c9e00209679bdaacf64075819fb887ec856 (diff) | |
| download | rails-a03e2b356c66ddc8809fa2b23a2a7d652f173b8b.tar.gz rails-a03e2b356c66ddc8809fa2b23a2a7d652f173b8b.tar.bz2 rails-a03e2b356c66ddc8809fa2b23a2a7d652f173b8b.zip | |
Merge with docrails. Also add a rake task to generate guides in your rails application :
rake doc:guides
The rake task will generate guides inside doc/guides directory of your application. Open index.html to browse.
Diffstat (limited to 'railties/doc/guides/source/actioncontroller_basics/verification.txt')
| -rw-r--r-- | railties/doc/guides/source/actioncontroller_basics/verification.txt | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/railties/doc/guides/source/actioncontroller_basics/verification.txt b/railties/doc/guides/source/actioncontroller_basics/verification.txt new file mode 100644 index 0000000000..39046eee85 --- /dev/null +++ b/railties/doc/guides/source/actioncontroller_basics/verification.txt @@ -0,0 +1,40 @@ +== Verification == + +Verifications make sure certain criterias are met in order for a controller or action to run. They can specify that a certain key (or several keys in the form of an array) is present in the `params`, `session` or `flash` hashes or that a certain HTTP method was used or that the request was made using XMLHTTPRequest (Ajax). The default action taken when these criterias are not met is to render a 400 Bad Request response, but you can customize this by specifying a redirect URL or rendering something else and you can also add flash messages and HTTP headers to the response. It is described in the link:http://api.rubyonrails.org/classes/ActionController/Verification/ClassMethods.html[API codumentation] as "essentially a special kind of before_filter". + +Let's see how we can use verification to make sure the user supplies a username and a password in order to log in: + +[source, ruby] +--------------------------------------- +class LoginsController < ApplicationController + + verify :params => [:username, :password], + :render => {:action => "new"}, + :add_flash => {:error => "Username and password required to log in"} + + def create + @user = User.authenticate(params[:username], params[:password]) + if @user + flash[:notice] = "You're logged in" + redirect_to root_url + else + render :action => "new" + end + end + +end +--------------------------------------- + +Now the `create` action won't run unless the "username" and "password" parameters are present, and if they're not, an error message will be added to the flash and the "new" action will be rendered. But there's something rather important missing from the verification above: It will be used for *every* action in LoginsController, which is not what we want. You can limit which actions it will be used for with the `:only` and `:except` options just like a filter: + +[source, ruby] +--------------------------------------- +class LoginsController < ApplicationController + + verify :params => [:username, :password], + :render => {:action => "new"}, + :add_flash => {:error => "Username and password required to log in"}, + :only => :create #Only run this verification for the "create" action + +end +--------------------------------------- |