From 21460a63baa6c3ef7e84bbc4577d0890778ccd07 Mon Sep 17 00:00:00 2001 From: stass <93729036+stxss@users.noreply.github.com> Date: Mon, 27 Nov 2023 17:25:37 +0000 Subject: [PATCH] Fix information regarding callbacks. Fixes #26801 (#26821) --- .../sessions_cookies_authentication.md | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/ruby_on_rails/forms_and_authentication/sessions_cookies_authentication.md b/ruby_on_rails/forms_and_authentication/sessions_cookies_authentication.md index 74884f1deef..d82ed9534fe 100644 --- a/ruby_on_rails/forms_and_authentication/sessions_cookies_authentication.md +++ b/ruby_on_rails/forms_and_authentication/sessions_cookies_authentication.md @@ -98,15 +98,24 @@ Before we talk about authentication, we need to cover controller filters. The i ~~~ruby # app/controllers/users_controller before_action :require_login + before_action :do_something_cool ... private def require_login - # do stuff to check if user is logged in + if current_user.logged_in? + # allow the user to perform the action they wanted + else + redirect_to login_path + end + end + + def do_something_cool + # do stuff here end ~~~ -The `before_action` method takes the symbol of the method to run before anything else gets run in the controller. If it returns `false` or `nil`, the request will not succeed. +The `before_action` method takes the symbol of the method to run before anything else gets run in the controller. In the case that this callback renders or redirects, the request, as well as any callbacks that are scheduled to run after that callback, are also cancelled. So in the case above, if the user was redirected to the login page, the `before_action :do_something_cool` callback wouldn't have been executed either. You can specify to only apply the filter for specific actions by specifying the `only` option, e.g. `before_action :require_login, only: [:edit, :update]`. The opposite applies by using the `:except` option... it will run for all actions except those specified.