开发者

Restful_authentication plugin not working

开发者 https://www.devze.com 2022-12-16 21:28 出处:网络
I\'m using restful_authentication plugin for Ruby on Rails.All seems fine except that it seems the user session is not getting created at all.I have the create method below.It appears that the self.cu

I'm using restful_authentication plugin for Ruby on Rails. All seems fine except that it seems the user session is not getting created at all. I have the create method below. It appears that the self.current_user is being set but that the actual session is never created. When and how is the current_user_session supposed to be defined. I have the method in my application controller but this is where it always fails.

def create
logout_keeping_session!
user = User.authenticate(params[:login], params[:password])
if user
  # Protects against session fixation attacks, causes request forgery
  # protection if user resubmits an earlier form using back
  # button. Uncomment if you understand the tradeoffs.
  # reset_session
  self.current_user = user
  new_cookie_flag = (params[:remember_me] == "1")
  handle_remember_cookie! new_cookie_flag
  redirect_back_or_default('/')
  flash[:notice] = "Logged in successfully"
else
  note_failed_signin
  @login       = params[:login]
  @remember_me = params[开发者_如何学编程:remember_me]
  render :action => 'new'
end

end

Application_Controller

  def current_user_session
    return @current_user_session if defined?(@current_user_session)
    @current_user_session = UserSession.find
  end

  def current_user
    return @current_user if defined?(@current_user)
    @current_user = current_user_session && current_user_session.user
  end

UserSession model is empty


Do not use restful_authentication if you can avoid it. There are a number of better alternatives out there that are actually RESTful and better maintained:

  • Clearance
  • Authlogic
  • Devise


When you say session, do you actually mean a session or is this some restful_authentication magic?

I used to use restful_authentication, and some older apps still do. However, they used cookie-based session management and not a user session model.


Are you using rails 2.3.5?

I am seeing issues with this using redirect_to, basically removing any variables added to the session before the redirecting.

Reverting to 2.3.4 seems to of solved my problem, but there is a bug on lighthouse in regards to some weirdness to session in rails 2.3.X

This may not be same issue for you, but has taken me hours to realise a revert fixed my issue, so might be worth a quick test.

0

精彩评论

暂无评论...
验证码 换一张
取 消