Resque, Devise and admin authentication

Question

Using Resque and Devise, i have roles for User, like:

User.first.role #=> admin
User.last.role #=> regular

I want to setup an authentication for Resque. So, inside config/routes.rb i have:

namespace :admin do
  mount Resque::Server.new, :at => "/resque", :as => :resque
end

And, of course it's accessible for all logged in users.

Is there any way to use a role from User.role? It should be accessible only by users with 'admin' role.

Thanks a lot.

Answer 1

Use a route constraint, in your routes.rb file:

  resque_constraint = lambda do |request|
    request.env['warden'].authenticate? and request.env['warden'].user.admin?
  end

  constraints resque_constraint do
    mount Resque::Server, :at => "/admin/resque"
  end

See this blog post and the comments. Hope it helps you.

Answer 2

in your routes.rb file:

authenticate :user, lambda {|u| u.role == 'admin' } do
    mount Resque::Server.new, :at => "/resque"
end

Also, make sure you have devise_for :users somewhere in that file

Answer 3

You can try subclassing the Resque::Server class this way:

require 'resque/server'

class SecureResqueServer < Resque::Server

  before do
    redirect '/login' unless some_condition_is_met! 
  end

end

And using it in your routes this way:

mount SecureResqueServer.new, :at => '/resque'

I got this information from this blog. Give it a try.

Answer 4

There is always the new solution, type this in your routes.rb for rails > 3.1:

  authenticate :admin do
    mount Resque::Server.new, :at => "/resque"
  end

And don't forget:

devise_for :admins