Devise and swfupload authorization
-
26-09-2019 - |
Question
i'm trying to verify in my controller whether user has sufficient rights to upload files or not. swfupload does a POST request with (according to documentation) cookie values passed directly in POST request. this makes before_filter :authenticate_user!
unusable, user is not authorized correctly.
as far as I know from devise docs, there is a possibility of creating custom session controllers. is it a good starting point to solve this problem? any idea how to extract session id from POST and proceed with authorization?
Solution
I had a similiar issue with swfupload. I used midleware and some custom helper links to make it work. More info here: http://thewebfellas.com/blog/2008/12/22/flash-uploaders-rails-cookie-based-sessions-and-csrf-rack-middleware-to-the-rescue