You are here: Merb Wiki » cookbook » Authenticated Hello World

Authenticated Hello World

When you generate an application with the default merb stack, merb-auth is already setup for normal usage.

If you don't want to use this, simply comment out the dependency on merb-auth in config/dependencies.rb

First step is to generate your application. 

$ merb-gen app hello_world
$ cd hello_world

This generates an application stub, with authentication already configured. The basic elements are 

app/models/user.rb

merb/merb-auth/setup.rb
merb/merb-auth/strategies.rb

The setup for user authentication is taken care of by default using a password and login. Of course we need to setup the database and add a user first. 

$ rake db:automigrate
$ merb -i
>> u = User.new(:login => "login_name")
>> u.password = u.password_confirmation = "sekrit"
>> u.save

Now we have an application, and a user, we need something to protect. 

$ merb-gen controller hello_world

Let's put something into the controller. 

class HelloWorld < Application
 
  def index
    "Hello World"
  end
 
end

If you fire up merb now and head on over to http://localhost:4000/hello_world you'll see the “Hello World” results. It's not protected yet, so let's fix that. We can either protect it in the routes in config/router.rb or in the controller action. Let's do the router option first.

Open up config/router.rb 

 
Merb::Router.prepare do
 
 authenticate do
   match("/hello_world").to(:controller => "hello_world")
 end
 
end

This will cause the user to login. This is discovered in the router and when it fails, it stops in the router. Try to hit http://localhost:4000/hello_world now. You'll see that you need to login to access it!

Ok. Logout, http://localhost:4000/logout

Now let's remove the code from the router, and put the protection at the controller level. This will allow you finer control over resources for example. 

 
Merb::Router.prepare do
 match("/hello_world").to(:controller => "hello_world")
end

Let's now put it into the controller: 

class HelloWorld < Application
 
  before :ensure_authenticated
 
  def index
    "Hello World"
  end
 
end

To get access to the currently logged in user inside your controller use: 

session.user

Really… For a basic Hello World authentication, that's it.

If you want more customization, you can do: 

rake slices:merb-auth-slice-password:freeze:views

What that will do is copy the views from the slice to the slices folder in your application.

Then you need to move/copy them to your views. Editing the copied views in app/views should now be taken into account.

 
cookbook/authenticated_hello_world.txt · Last modified: 2008/12/08 00:55 by mattetti