Common stuff
redirect_to root_url
redirect_to root_url, notice: "Good."
Special hashes
session[:user_id] = nil
flash[:notice] = "Hello" # Gets flushed on next request
flash.keep # Persist flash values
flash.now[:error] = "Boo" # Available on the same request
cookies[:hello] = "Hi"
params[:page]
# params is a combination of:
query_parameters
path_parameters
request_parameters
respond_to
respond_to do |format|
format.html
format.xml { render xml: @users }
format.json { render json: @users }
format.js # Will be executed by the browser
end
default_url_options
# The options parameter is the hash passed in to 'url_for'
def default_url_options(options)
{:locale => I18n.locale}
end
Filters
# Filter with callbacks
before_filter :authenticate
before_filter :authenticate, except: [:login]
before_filter :authenticate, only: [:login]
def authenticate
redirect_to login_url unless controller.logged_in?
end
# Filter with inline
before_filter do |controller|
redirect_to login_url unless controller.logged_in?
end
# Filter with external classes
before_filter LoginFilter
class LoginFilter
def self.filter(controller) ...; end
end
# Filter exceptions
skip_before_filter :require_login, only: [:new, :create]
# Before/after filters
around_filter :wrap_in_transaction
def wrap_in_transaction(&blk)
ActiveRecord::Base.transation { yield }
end
HTTP basic authentication
before_filter :authenticate
# Basic authentication:
def authenticate
authenticate_or_request_with_http_basic { |u, p|
u == "root" && p == "alpine"
}
end
# ...or digest (hashed) authentication:
# uses the ha1 hash (username:realm:password)
def authenticate_by_digest
realm = "Secret3000"
users = {
"rsc" => Digest::MD5.hexdigest("rsc:#{realm}:passwordhere")
}
authenticate_or_request_with_http_digest(realm) { |user|
users[user]
}
end
# For integration tests
def test_access
auth = ActionController::HttpAuthentication::Basic.encode_credentials(user, pass)
get "/notes/1.xml", nil, 'HTTP_AUTHORIZATION' => auth
end
# Token auth
is_logged_in = authenticate_with_http_token do |token, options|
token == our_secret_token
end
request_http_token_authentication unless is_logged_in
Request/response
request.host #=> "www.example.com"
request.domain #=> "www.example.com"
request.domain(n=2) #=> "example.com"
request.port #=> 80
request.protocol #=> "http://"
request.query_string #=> "q=duck+tales"
request.url #=> "http://www.example.com/search?q=duck+tales"
request.fullpath #=> "/search?q=duck+tales"
request.headers # Returns a hash
request.format #=> "text/html"
request.remote_ip #=> "203.167.220.220"
request.local? #=> true (if localhost/127.0.0.1)
request.xhr?
request.method #=> "POST"
request.method_symbol #=> :post
request.get?
request.post?
request.put?
request.delete?
request.head?
response
response.body
response.status #=> 404
response.location # Redirect location
response.content_type
response.charset
response.headers
response.headers["Content-Type"] = "application/pdf"
Streaming
send_data pdfdata, filename: "foo.pdf", type: "application/pdf"
send_file Rails.root.join('public','filename.txt') [filename: '..', type: '..']
References