Sudo Mode

Sudo Mode helps you easily require a password confirmation before any controller action of your choice.

This is heavily inspired by GitHub's implementation.

Installation

Add sudo_mode to your Gemfile:

gem "sudo_mode"

And install:

$ bundle install

Usage

Mount the confirmation page in your routes:

Foo::Application.routes.draw do
  mount SudoMode::Engine => '/sudo' # You can replace '/sudo' with any other prefix

  # ...
end

And pick a controller action to protect:

class FooController < ApplicationController
  require_password_confirmation_for :destroy

  def destroy
    # Bad things happen here
  end
end
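
What the macro amounts to, modelled in plain Ruby so it runs without Rails. This is an added sketch, not sudo_mode's source: SudoGate, dispatch, confirm_password, the :sudo_confirmed_for session key and the single-use confirmation are assumptions; only require_password_confirmation_for, current_user, authenticate (provided by has_secure_password) and the /sudo prefix come from this README or from Rails.

```ruby
# Added sketch of a password-confirmation gate; all SudoGate names are hypothetical.
module SudoGate
  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    # Same macro name as the README; records which actions are gated.
    def require_password_confirmation_for(*actions)
      gated_actions.concat(actions.map(&:to_sym))
    end

    def gated_actions
      @gated_actions ||= []
    end
  end

  # Stand-in for a before_action: a gated action runs only when this session
  # holds a confirmation for that exact action. delete makes it single use.
  def dispatch(action)
    gated = self.class.gated_actions.include?(action)
    return [:redirect, "/sudo"] if gated && session.delete(:sudo_confirmed_for) != action
    [:ok, public_send(action)]
  end

  # Confirmation-page submit: record success only for the signed-in user.
  def confirm_password(action, password)
    return false unless current_user && current_user.authenticate(password)
    session[:sudo_confirmed_for] = action
    true
  end
end

# Constructed stand-ins so the sketch runs without Rails.
DemoUser = Struct.new(:secret) do
  def authenticate(password)
    password == secret ? self : false # has_secure_password does a bcrypt check
  end
end

class DemoController
  include SudoGate
  attr_reader :session, :current_user
  require_password_confirmation_for :destroy

  def initialize(user)
    @session, @current_user = {}, user
  end

  def destroy
    :destroyed
  end
end
```

Storing the confirmed action in the server-side session, rather than in a request parameter, is what keeps a client from skipping the confirmation page.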

Internationalization

Override these keys in your locale files:

sudo_mode:
  confirmation:
    new:
      confirmation_heading: "Confirm your Password"
      check_password_button: "Check"
      warning_message: "Are you sure you want to delete this?"

Limitations

  • Requires has_secure_password
  • Requires ApplicationController to have a current_user method
  • Styling for the confirmation page is not taken care of
  • All helper method calls in application.html.erb (and the partials it renders) must be explicitly called on main_app

Credits

This gem was extracted from work on ashoka-survey-web.

Nilenso