# Authentication
# Filter out requests
You probably do not want to allow Avo access to everybody. If you're using devise (opens new window) in your app, use this block to filter out requests to it in your routes.rb
file.
authenticate :user do
mount Avo::Engine => '/avo'
end
You may also add custom user validation such as user.admin?
to only permit a subset of users to your Avo instance.
authenticate :user, -> user { user.admin? } do
mount Avo::Engine => '/avo'
end
Check out more examples of authentication on sidekiq's authentication section (opens new window).
# authenticate_with
method
Alternatively you can user the authenticate_with
config attribute. It takes a block and evaluates it in Avo's ApplicationController
as a before_action
.
# config/initializers/avo.rb
Avo.configure do |config|
config.authenticate_with do
authenticate_admin_user
end
end
# Customize the current_user
method
If you're not using devise (opens new window) for authentication you may customize the current_user
method to something else. The current_user_method
key takes a block parameter (shorthand or full block).
# config/initializers/avo.rb
Avo.configure do |config|
config.current_user_method do
current_admin
end
end
Using the block shorthand notation:
# config/initializers/avo.rb
Avo.configure do |config|
config.current_user_method(&:current_admin)
end