Rails Blog Tutorial - Adding RESTful Authentication


Protect Actions

Now that everything is in place, the login_required before filter can be added to the Posts controller. For every action to which this filter is applied, the user trying to access the action will need to be logged in. If the user is not logged in, they will be redirected to the login screen. Once logged in successfully, they will again be redirected to the action they tried to access.

When using the login_required before filter, it's best to use a whitelist. A whitelist names only the actions that are safe to access without authentication, so every other action is protected by default. If the opposite is done (a list of the actions that require authentication), any action added later is unprotected unless someone remembers to add it to the list. To implement a whitelist, pass the public actions as the :except argument to before_filter.

# File: app/controllers/posts_controller.rb
class PostsController < ApplicationController
  # index and show stay public; every other action requires a logged-in user
  before_filter :login_required, :except => %w[ index show ]
  # ... snip ...
end
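The whitelist-versus-blacklist point above, as an added example that is not code from the tutorial or from the restful_authentication plugin: a small plain-Ruby stand-in for before_filter's :only/:except handling, with hypothetical controllers, so the effect of adding an action later can be checked without a Rails application.

```ruby
# Added example (not from the tutorial or the restful_authentication plugin):
# a minimal stand-in for Rails' before_filter that records which actions a
# filter applies to, so the :except (whitelist) and :only (blacklist) forms
# can be compared once a new action is added.
module FilterDsl
  def before_filter(name, opts = {})
    (@filters ||= []) << [name, opts[:only], opts[:except]]
  end

  def filters
    @filters || []
  end

  # Actions on which the named filter runs, given the controller's current
  # public instance methods. Option values may be strings or symbols, as in
  # Rails, so both are normalised to symbols.
  def actions_protected_by(name)
    actions = public_instance_methods(false)
    filters.select { |n, _, _| n == name }.flat_map do |_, only, except|
      if only then actions & Array(only).map(&:to_sym)
      elsif except then actions - Array(except).map(&:to_sym)
      else actions
      end
    end.uniq
  end
end

# Whitelist form from the tutorial: index and show are public, everything
# else requires login, including actions that do not exist yet.
class PostsController
  extend FilterDsl
  before_filter :login_required, :except => %w[ index show ]
  def index; end; def show; end; def new; end; def create; end; def destroy; end
end

# Blacklist form for comparison (hypothetical; not what the tutorial recommends).
class BlacklistPostsController
  extend FilterDsl
  before_filter :login_required, :only => %w[ new create destroy ]
  def index; end; def show; end; def new; end; def create; end; def destroy; end
end

# A developer later adds an action to both controllers without touching the filter.
class PostsController;          def archive; end; end
class BlacklistPostsController; def archive; end; end

# Audit helper: actions reachable without login_required running first.
def unprotected(controller)
  controller.public_instance_methods(false) - controller.actions_protected_by(:login_required)
end
```

With the whitelist, archive is protected automatically; with the blacklist it is left open. In Rails 5.0 before_filter was deprecated in favour of before_action (and removed in 5.1), but the :only/:except semantics are unchanged.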
