Mounting Letter_Opener overrides any authentication

Question

Mounting Letter_Opener overrides any authentication

Meatballs1 opened this issue 9 years ago · 3 comments

It looks like the default ApplicationController bundled in app/controllers overrides the target rails project ApplicationController. Therefore even if you have a default authentication method in your project's ApplicationController you can still browse directly to /letter_opener without authenticating.

:(

Answer 1 · 2015-08-28T11:43:09.000Z

I'm thinking this may just be an underlying issue with Rails Engines: http://jacopretorius.net/2012/12/authenticating-rails-engines-with-devise.html

Answer 2 · 2015-11-04T22:06:10.000Z

If you want to authenticate the access to /letter_opener, I think you are looking for route constraints :)

Answer 3 · 2018-02-22T13:59:20.000Z

This is very old at this point and has no recent activity. I'm going to close it for now. Feel free to open a new issue/PR if this is still a concern.