app/controllers/application.rb

   1 # Filters added to this controller apply to all controllers in the application.
   2 # Likewise, all the methods added will be available for all controllers.
   3
   4 class ApplicationController < ActionController::Base
   5   layout "store"
   6   before_filter :authorize, :except => :login
   7   helper :all # include all helpers, all the time
   8
   9   # See ActionController::RequestForgeryProtection for details
  10   # Uncomment the :secret if you're not using the cookie session store
  11   protect_from_forgery :secret => 'd7e9713fb540572dab37a045152d442a'
  12
  13   # See ActionController::Base for details
  14   # Uncomment this to filter the contents of submitted sensitive data parameters
  15   # from your application log (in this case, all fields with names like "password").
  16   # filter_parameter_logging :password
  17
  18   protected
  19   def authorize
  20     unless User.find_by_id(session[:user_id])
  21       session[:original_uri] = request.request_uri
  22       flash[:notice] = "Please log in"
  23       redirect_to :controller => 'admin', 'action' => 'login'
  24     end
  25   end
  26 end