2 title: Rails controllers
10 redirect_to root_url, notice: "Good."
14 session[:user_id] = nil
16 flash[:notice] = "Hello" # Gets flushed on next request
17 flash.keep # Persist flash values
18 flash.now[:error] = "Boo" # Available on the same request
20 cookies[:hello] = "Hi"
24 # params is a combination of:
31 respond_to do |format|
33 format.xml { render xml: @users }
34 format.json { render json: @users }
35 format.js # Will be executed by the browser
38 ### default_url_options
40 # The options parameter is the hash passed in to 'url_for'
41 def default_url_options(options)
42 {:locale => I18n.locale}
47 # Filter with callbacks
48 before_filter :authenticate
49 before_filter :authenticate, except: [:login]
50 before_filter :authenticate, only: [:login]
52 redirect_to login_url unless controller.logged_in?
56 before_filter do |controller|
57 redirect_to login_url unless controller.logged_in?
60 # Filter with external classes
61 before_filter LoginFilter
63 def self.filter(controller) ...; end
67 skip_before_filter :require_login, only: [:new, :create]
69 # Before/after filters
70 around_filter :wrap_in_transaction
71 def wrap_in_transaction(&blk)
72 ActiveRecord::Base.transaction { yield }
75 ### HTTP basic authentication
77 before_filter :authenticate
79 # Basic authentication:
81 authenticate_or_request_with_http_basic { |u, p|
82 u == "root" && p == "alpine"
86 # ...or digest (hashed) authentication:
87 # uses the ha1 hash (username:realm:password)
88 def authenticate_by_digest
91 "rsc" => Digest::MD5.hexdigest("rsc:#{realm}:passwordhere")
94 authenticate_or_request_with_http_digest(realm) { |user|
99 # For integration tests
101 auth = ActionController::HttpAuthentication::Basic.encode_credentials(user, pass)
102 get "/notes/1.xml", nil, 'HTTP_AUTHORIZATION' => auth
106 is_logged_in = authenticate_with_http_token do |token, options|
107 token == our_secret_token
110 request_http_token_authentication unless is_logged_in
114 request.host #=> "www.example.com"
115 request.domain #=> "www.example.com"
116 request.domain(n=2) #=> "example.com"
118 request.protocol #=> "http://"
119 request.query_string #=> "q=duck+tales"
120 request.url #=> "http://www.example.com/search?q=duck+tales"
121 request.fullpath #=> "/search?q=duck+tales"
123 request.headers # Returns a hash
125 request.format #=> "text/html"
126 request.remote_ip #=> "203.167.220.220"
127 request.local? #=> true (if localhost/127.0.0.1)
131 request.method #=> "POST"
132 request.method_symbol #=> :post
142 response.status #=> 404
143 response.location # Redirect location
144 response.content_type
148 response.headers["Content-Type"] = "application/pdf"
152 send_data pdfdata, filename: "foo.pdf", type: "application/pdf"
153 send_file Rails.root.join('public','filename.txt') [filename: '..', type: '..']
157 * [Guide](http://guides.rubyonrails.org/action_controller_overview.html)
158 * [HttpAuthentication::Basic](http://api.rubyonrails.org/classes/ActionController/HttpAuthentication/Basic.html)
159 * [HttpAuthentication::Token](http://api.rubyonrails.org/classes/ActionController/HttpAuthentication/Token.html)