Mounting Letter_Opener overrides any authentication
Meatballs1 opened this issue · 3 comments
It looks like the default ApplicationController bundled in app/controllers
overrides the target rails project ApplicationController. Therefore even if you have a default authentication method in your project's ApplicationController you can still browse directly to /letter_opener without authenticating.
:(
I'm thinking this may just be an underlying issue with Rails Engines: http://jacopretorius.net/2012/12/authenticating-rails-engines-with-devise.html
If you want to authenticate the access to /letter_opener
, I think you are looking for route constraints :)
This is very old at this point and has no recent activity. I'm going to close it for now. Feel free to open a new issue/PR if this is still a concern.