From e2b07ee000439d0bd41f725ff9f7ad53e52a7e9b Mon Sep 17 00:00:00 2001 From: David Heinemeier Hansson Date: Mon, 28 Mar 2011 18:09:50 -0700 Subject: Added Base.http_basic_authenticate_with to do simple http basic authentication with a single class method call [DHH] --- actionpack/CHANGELOG | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) (limited to 'actionpack/CHANGELOG') diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index a90a7b37f7..7f1e7d1c1d 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,42 @@ *Rails 3.1.0 (unreleased)* +* Added Base.http_basic_authenticate_with to do simple http basic authentication with a single class method call [DHH] + + class PostsController < ApplicationController + USER_NAME, PASSWORD = "dhh", "secret" + + before_filter :authenticate, :except => [ :index ] + + def index + render :text => "Everyone can see me!" + end + + def edit + render :text => "I'm only accessible if you know the password" + end + + private + def authenticate + authenticate_or_request_with_http_basic do |user_name, password| + user_name == USER_NAME && password == PASSWORD + end + end + end + + ..can now be written as + + class PostsController < ApplicationController + http_basic_authenticate_with :name => "dhh", "secret", :except => :index + + def index + render :text => "Everyone can see me!" + end + + def edit + render :text => "I'm only accessible if you know the password" + end + end + * Allow you to add `force_ssl` into controller to force browser to transfer data via HTTPS protocol on that particular controller. You can also specify `:only` or `:except` to specific it to particular action. [DHH and Prem Sichanugrist] * Allow FormHelper#form_for to specify the :method as a direct option instead of through the :html hash [DHH] -- cgit v1.2.3 From 3d1e7c2645af6c187d5ab6d2a02bd1e7b9ad7af3 Mon Sep 17 00:00:00 2001 From: David Heinemeier Hansson Date: Mon, 28 Mar 2011 18:15:41 -0700 Subject: Fix examples --- actionpack/CHANGELOG | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actionpack/CHANGELOG') diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index 7f1e7d1c1d..6032c6b7da 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -26,7 +26,7 @@ ..can now be written as class PostsController < ApplicationController - http_basic_authenticate_with :name => "dhh", "secret", :except => :index + http_basic_authenticate_with :name => "dhh", :password => "secret", :except => :index def index render :text => "Everyone can see me!" -- cgit v1.2.3 From 51551a0a5bd6f7e4116bc3759a4d7c15634643dc Mon Sep 17 00:00:00 2001 From: Prem Sichanugrist Date: Tue, 29 Mar 2011 02:59:24 +0700 Subject: Update the wildcard route to be non-greedy by default, therefore be able to match the (.:format) segment [#6605 state:resolved] After some discussion with Andrew White, it seems like this is a better approach for handling a wildcard route. However, user can still bring back the old behavior by supplying `:format => false` to the route. Signed-off-by: Andrew White --- actionpack/CHANGELOG | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'actionpack/CHANGELOG') diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index 6032c6b7da..3eba2281c4 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,13 @@ *Rails 3.1.0 (unreleased)* +* Wildcard route will always matching the optional format segment by default. For example if you have this route: + + map '*pages' => 'pages#show' + + by requesting '/foo/bar.json', your `params[:pages]` will be equals to "foo/bar" with the request format of JSON. If you want the old 3.0.x behavior back, you could supply `:format => false` like this: + + map '*pages' => 'pages#show', :format => false + * Added Base.http_basic_authenticate_with to do simple http basic authentication with a single class method call [DHH] class PostsController < ApplicationController -- cgit v1.2.3