I am developing a project in rails and stuck to give different authorities to different users
Ex: admin , normal users, moderator ,editor etc
If any ony knows about it then plz help me
I am using my own authentication system because it is preferred by Mr Rails book
below is my code for authenticate
protected def authorize unless User.find_by_id(session[:user_id]) redirect_to login_url, :notice => 'You are not a Authorized User' end end
It’s always best practice to write a code from scrach if you are in learning phase or in other words if you just want to learn it’s mechanism .
But if you are developing a real world application you should remember security is major issue so it’s recommended to use and understand Device gem with can-can authentication system.
Search for Device and can-can on google.
You must be logged in to reply to this topic.