Created: 2008-12-03 03:29
Updated: 2016-05-08 18:21
License: mit



A merb slice that authenticates yaml defined OpenID users.


Sometime you have an app that doesn't need full authentication, but you'd like to be able to limit some pages to admins only. This is the story of that app...

MerbDay Atlanta

This was originally presented at MerbDayAtlanta. The orginal slides are located in the Merbday GitHub Repo.

Why doesn't it use Merb-Auth

Because it's not returning a standard user object. Even with a merb-auth strategy, you still need to return a basic user object. It would work correctly alone, but if you roll merb-auth into your project and you'd have two possible user objects being stored, a complete dm user objects, and a simple OpenID. Also, merb-auth doesn't do authorization, just authentication. I'm going to revisit this once merb-authz is rolled into merb.

Installation and use

Install the gem from the cloned repo

git clone git://github.com/markpercival/quickadmin.git
cd quickadmin
sudo rake install

Add the following to dependencies.rb

dependency 'quickadmin'

and then add this to router.rb

slice(:quickadmin, :name_prefix => nil, :path_prefix => "")

On any page you want to protect just create a before filter:

before :ensure_quickadmin, :only => [:index, :edit]

Add the authorized OpenID's to 'config/quickadmins.yaml'

- mpercival.com
- gweezelbur.com
- john.schult.us

It will auto-magically create the necessary 'config/quickadmins.yaml' on the first load if you don't already have one.

Author and license info

Cookies help us deliver our services. By using our services, you agree to our use of cookies Learn more