lapis-console icon indicating copy to clipboard operation
lapis-console copied to clipboard
verified publisher icon leafo

Enabling the console for authenticated users only

Open TangentFoxy opened this issue 8 years ago • 0 comments

Was going to ask how I might go about this, but figured out something that works, so I'm posting this here for reference if anyone else wishes to try to do the same:

-- within the application class (don't forget to import respond_to)
[console: "/console"]: respond_to {
    before: =>
      if is_admin(@) -- a function I imported above that checks session ID against users table in a database
        @console = console.make!
      else
        return status: 401, "401 - Unauthorized"
    GET: =>
      return @console(@)
    POST: =>
      return @console(@)
  }

If there is a reason I shouldn't do this (besides the security risk, and potential errors in my own implementation of users), please let me know. Or if there is a better way to do it.

TangentFoxy avatar Jan 31 '18 23:01 TangentFoxy