How can I secure static content in Rails 3?
I have an HTML user guide for my application. But I don't want those who are not logged in to be able to access it. I am using Devise authentication and CanCan authorization.
I would store it outside the public folder and serve it through a simple controller that just performs the authentication check. Doing this with x-sendfile ( https://tn123.org/mod_xsendfile/ ) should minimize the additional server load. Here's a rough guide: http://elivz.com/blog/single/mod_xsendfile/
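A sketch of the controller described in the answer above, added here as an example and not part of the original answers. It assumes a Devise model named User, a hypothetical `private/guide` directory under the application root, and a route that passes the requested file as `params[:page]`; the `GuideFiles` and `GuideController` names are also hypothetical. The resolver keeps a request from reaching files outside the guide directory once the files are served through application code.

```ruby
require 'pathname'

# Added example: maps a requested guide page to a file under a private root.
module GuideFiles
  # Only the file types a static HTML guide needs (constructed list).
  ALLOWED_EXT = %w[.html .css .js .png .jpg .gif].freeze

  # Returns the real Pathname of the page, or nil if the request is missing,
  # has an unexpected extension, or resolves outside +root+.
  def self.resolve(root, requested)
    name = requested.to_s
    return nil if name.empty? || name.include?("\0")

    root = Pathname.new(root).realpath
    candidate = root.join(name)            # an absolute +name+ replaces root here
    return nil unless ALLOWED_EXT.include?(candidate.extname.downcase)
    return nil unless candidate.file?

    real = candidate.realpath              # follows symlinks and collapses ".."
    return nil unless real.to_s.start_with?(root.to_s + File::SEPARATOR)
    real
  end
end

# Rails 3 wiring, defined only when loaded inside the application.
if defined?(ApplicationController)
  class GuideController < ApplicationController
    # Hypothetical location outside public/, so the web server never serves it directly.
    GUIDE_ROOT = Rails.root.join('private', 'guide')

    before_filter :authenticate_user!      # Devise filter for a model named User

    def show
      path = GuideFiles.resolve(GUIDE_ROOT, params[:page])
      return head(:not_found) unless path
      # With config.action_dispatch.x_sendfile_header set, the web server streams the file.
      send_file path.to_s, :disposition => 'inline'
    end
  end
end
```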
I'm not familiar with the authentication method that you are using, but once you authenticate a user you can save a logged_in flag in your session:
session[:user]='logged_in'
Then you can create a helper:
def logged_in?
  session[:user] == 'logged_in'
end
Now you will be able to use this helper in your views:
<% if logged_in? %>
your html
<% end %>
Now this is very basic; if you need something more specific, let us know.
--So I just noticed that you want to make sure that only logged-in users will be able to see the whole page.
Then you should use your authenticate function as a before filter in your controller:
before_filter :authenticate
Take a look at the High Voltage plugin.
This is a fairly simple controller designed to serve static content. Authenticate by extending HighVoltage::PagesController and handling authentication like you would with any other controller (minimal example available on the linked page).