[Radiant] Password Protect an entire instance
Josh Schairbaum
this question asked, so here goes:
I want to password protect an entire Radiant instance, with the
exception of allowing users to sign up. I'd like to avoid HTTP
authentication, if at all possible. The standard user would not be
able to edit content, so they wouldn't need access to any of the Admin
UI.
Does anyone have any ideas how this could be accomplished? Could this
be done by using RadiantOnRails for the signup/authentication and then
an extension that would check for authentication before showing the
page?
Regards,
Josh
_______________________________________________
Radiant mailing list
Post: Rad...@radiantcms.org
Search: http://radiantcms.org/mailing-list/search/
Site: http://lists.radiantcms.org/mailman/listinfo/radiant
Sean Cribbs
recommend creating an extension that injects a before filter into
SiteController so as to intercept the login and also turns on sessions.
You would also need to make your own member model, perhaps using a
plugin like acts_as_authenticated, and wire up the appropriate routes.
Sean
Josh Schairbaum
Thanks for the tips. I've also got the multi-site extension
installed, would it be possible to completely password protect one
site, but not the other? Meaning, could the filter on SiteController
figure out which page was the root of the site and use it that way?
Regards,
Josh
Sean Cribbs
Here's another "we did that for Redken" moment. The professional site
on Redken requires authentication in various places, but the consumer
site requires none. Essentially we added a boolean flag on the Page
model that would let one select whether login was required to see that
page and had a default value for it that depended on the site it was
being created on. In the end we had a little duplication to accomplish
this, but it wasn't much.
So, yes, you're on the right track. Have a look at how multi-site finds
the correct page and then incorporate that into your before_filter.
Sean