Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

allow containing application to add before_action to front ends #75

Open
alexdean opened this issue Apr 28, 2016 · 4 comments
Open

allow containing application to add before_action to front ends #75

alexdean opened this issue Apr 28, 2016 · 4 comments
Assignees
@ryanto

Comments

@alexdean
Copy link

alexdean commented Apr 28, 2016
edited

problem

  1. my front-end application requires authentication/authorization (auth/authz) in order to do anything useful.
  2. for users who need auth/authz, i want to redirect them in rails, so as not to force them to load all of ember just to see a 'you are not authorized' message. i want all auth/authz logic & flows to be entirely in rails, and not require coordination in the ember code.
  3. currently the only way i can see to add a before_action to a front end build is via a monkey patch. this is brittle & a likely source for unexpected behavior

for example:

# config/initializers/front_end_builds.rb
module FrontEndBuilds
  class ApplicationController < ActionController::Base
    before_action :do_authentication_things
  end
end

possible solutions

i'm not stuck on either of these. just trying to brainstorm some options.

inherit from ::ApplicationController

change FrontEndBuilds::ApplicationController to inherit from ::ApplicationController. This gives the containing application a way to add before_action & other hooks without monkey patching

support a per-frontend before_action explicitly

# config/routes.rb
front_end 'something', '/', before_action: :do_authentication_things

this might be even nicer than the ::ApplicationController change, but i'm not sure how this would work exactly. (where/how would my :do_authentication_things method be defined?)

cc @samselikoff
@samselikoff
Copy link
Contributor

Related: #33

@alexdean
Copy link
Author

alexdean commented Apr 29, 2016
edited

update: i think i'd prefer the 'inherit from ::ApplicationController' option.

  1. this seems to be a normal/conventional thing to do. this approach is mentioned in the rails guide to engines.
  2. it would allow me to easily integrate FEB with other aspects of my application, like handling cases where i want to deny access to a resource.

re that 2nd point: i'm not doing something exactly like this, but similar. raising an exception which signals "access is denied", & which is then handed by a rescue_from in ::ApplicationController. I'd like to be able to extend this approach to my FEB endpoints also, but that's not possible w/ only a before_action.

@alexdean
Copy link
Author

Allowing me to add concerns into FrontEndBuilds::ApplicationController might be another acceptable option. I could encapsulate the behaviors i want in concerns, and add them to both ::ApplicationController and FrontEndBuilds::ApplicationController. afaik, I can add both before_action and rescue_from via concerns.

@alexdean
Copy link
Author

Another option... Devise allows the main application to configure which controller the devise controllers will inherit from.

code references:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ryanto ryanto

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ryanto @alexdean @samselikoff