SitePoint Sponsor

User Tag List

Results 1 to 4 of 4

Thread: session Gotchas

  1. #1
    SitePoint Enthusiast
    Join Date
    Jul 2006
    Posts
    74
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    session Gotchas

    Hello,

    I got a login form on my main page that executes this code:

    Code Ruby:
      def login
        if session[:user] = User.authenticate(params[:user][:login], params[:user][:password])
          redirect_to :controller => 'messages', :action => 'inbox'
        else
          redirect_to :controller => 'blogs', :action => 'index'
          flash[:login] = "login failed!"
        end
      end

    The session[:user] variable is only working from my blogs controller. If I try to read it from another controller it is empty. I have been reading in the RoR wiki and found the following information:

    Gotchas with sessions
    Model must be available to Sessions – If you store a class (like an active record model) in a session variable, like this session[:user] = User.find_by_name('Foo Bar')
    then rails may crash as soon as you move to another controller. Rails becomes confused that there is no immediate class definition for the data in the session. The solution is to put this in application.rb:
    model :user Replace ” :user ” with the name of the model being stored in your sessions, this way it wil load the definition before figuring out the session data.


    This sounds exactly like my problem, but if I put model :user in my application.rb controller I get an error:

    Status: 500 Internal Server Error
    undefined method `model' for ApplicationController:Class
    /home/atmorell/public_html/app/controllers/application.rb:6
    /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.0.2/lib/active_support/dependencies.rb:203:in `load_without_new_constant_marking'
    /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.0.2/lib/active_support/dependencies.rb:203:in `load_file'
    /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.0.2/lib/active_support/dependencies.rb:342:in `new_constants_in'
    /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.0.2/lib/active_support/dependencies.rb:202:in `load_file'
    /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.0.2/lib/active_support/dependencies.rb:94:in `require_or_load'
    /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.0.2/lib/active_support/dependencies.rb:60:in `depend_on'
    /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.0.2/lib/active_support/dependencies.rb:442:in `require_dependency'
    /usr/local/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:141:in `prepare_application'
    /usr/local/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:178:in `send!'
    /usr/local/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:178:in `run_callbacks'
    /usr/local/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:175:in `each'
    /usr/local/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:175:in `send!'
    /usr/local/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:175:in `run_callbacks'
    /usr/local/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:114:in `dispatch'
    /usr/local/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:126:in `dispatch_cgi'
    /usr/local/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/dispatcher.rb:9:in `dispatch'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel/rails.rb:76:in `process'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel/rails.rb:74:in `synchronize'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel/rails.rb:74:in `process'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel.rb:159:in `process_client'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel.rb:158:in `each'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel.rb:158:in `process_client'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel.rb:285:in `run'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel.rb:285:in `initialize'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel.rb:285:in `new'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel.rb:285:in `run'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel.rb:268:in `initialize'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel.rb:268:in `new'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel.rb:268:in `run'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel/configurator.rb:282:in `run'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel/configurator.rb:281:in `each'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel/configurator.rb:281:in `run'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/mongrel_rails:128:in `run'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/../lib/mongrel/command.rb:212:in `run'
    /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.1.4/bin/mongrel_rails:281
    /usr/local/bin/mongrel_rails:19:in `load'
    /usr/local/bin/mongrel_rails:19
    This is my session configurion:
    config.action_controller.session = {
    :session_key => '_www_session',
    :secret => 'keyremoved'
    }

    config.action_controller.session_store = :active_record_store
    Any ideas?

    Best regards
    Asbjørn Morell.

  2. #2
    SitePoint Enthusiast TomK32's Avatar
    Join Date
    Mar 2008
    Location
    Berchtesgaden, Germany
    Posts
    32
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Once more the wiki is offline, but just a general idea: There are plenty of login and authentication plugins out there. Well-tested and well-documented. And if you want a bit more give goldberg a try. It's very exensible, a pure plugin and saves me at least 50 hours of work for 95% of my projects.
    And I'm pretty sure that the model is deprecated and not in 2.0
    just a geek trying to change the world
    I'm a ruby on rails developer in Vienna, Austria. My github.

  3. #3
    SitePoint Enthusiast
    Join Date
    Jul 2006
    Posts
    74
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Is this the plugin you are refering to? (wiki is still down)

    Well I know there is plenty of usefull plugins avalible to RoR. However I would like to work on my skills before using plugins.

    I have changed my code to only store the user.id primary key in my session when a login is succesfull. How do I fetch the user object before each controller is executed? Would it be possible to put something like @user = User.find(session[:user]) in my application.rb file and maybe use a before filter?

    Code Ruby:
      def self.authenticate(login,password)
        find(:first, :select => ["id"], :conditions => ["login = ? and password = ?", login, Digest::SHA1.hexdigest(password)])
      end

    Best regards.
    Asbjørn Morell.

  4. #4
    SitePoint Enthusiast TomK32's Avatar
    Join Date
    Mar 2008
    Location
    Berchtesgaden, Germany
    Posts
    32
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    No I meant this one: http://www.goldberg.240gl.org/

    Yes, before_filter does the job, use it with :execpt instead of nly, that's much safer.
    Code:
    before_filter :authenitcate, :except => [:index, :public]
    just a geek trying to change the world
    I'm a ruby on rails developer in Vienna, Austria. My github.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •