title |
---|
Authenticating admin users |
Authentication is left for you to implement after you install Administrate into your app. It's expected that you can plugin your existing authentication system.
The base Admin::ApplicationController
has a TODO
to be completed:
class Admin::ApplicationController < Administrate::ApplicationController
before_action :authenticate_admin
def authenticate_admin
# TODO Add authentication logic here.
end
end
Clearance provides Rails authentication with email & password.
class Admin::ApplicationController < Administrate::ApplicationController
include Clearance::Controller
before_action :require_login
end
Devise is an authentication solution for Rails with Warden. Include
the authentication method for your model as a before_action
:
class Admin::ApplicationController < Administrate::ApplicationController
before_action :authenticate_user!
end
Rails includes the http_basic_authenticate_with
method which can be added to your base admin controller:
class Admin::ApplicationController < Administrate::ApplicationController
http_basic_authenticate_with(
name: ENV.fetch("ADMIN_NAME"),
password: ENV.fetch("ADMIN_PASSWORD")
)
end
With this approach consider using dotenv to setup your environment and avoid committing secrets in your repository.