5 Matching Annotations
  1. Apr 2021
    1. class AuthConstraint def initialize(&block) @block = block || ->(_) { true } end def matches?(req) user = current_user(req) user.present? && @block.call(user) end def current_user(req) User.find_by_id(session[:user_id]) end end This is a flexible approach to defining route access based on any desired variable (roles, auth, etc...)

      Good solution, and might be needed if you want to base routes on roles, etc. — but this one is even easier if all you need is for it to be conditional based on signed in or not (because devise provides authenticated helper):