Hi,
I'm having a problem trying to get a login controller working. When I try and post to my login controller I get the following error:
ActionController::InvalidAuthenticityToken in LoginController#login
login_controller:
class LoginController < ApplicationController
  def login
    case request.method
    when :post
      if @session['user'] = User.authenticate(@params['username'], @params['password'])
        flash['notice'] = "Login successful"
        redirect_back_or_default :action => "welcome"
      else
        @login = @params['username']
        @message = "Login unsuccessful"
        redirect_to :action=> "login"
      end
    end
  end
  .....
login.html.erb:
<div id="login">
  <h1>Please Login</h1>
  <form method="post" action="">
    <p><label for="user_login">Username</label>
    <%= text_field "user", "username", :class => 'textbox', :value => '', :maxlength => 40 %></p>
    <p><label for="user_password">Password</label>
    <%= password_field "user", "password", :class => 'textbox', :value => '', :maxlength => 40 %></p>
    <p class="buttons">
      <%= submit_tag 'Login', :class => 'button' %>
    </p>
  </form>
</div>
User.rb
class User < ActiveRecord::Base

  def self.authenticate(login, pass)
    User.find(:first, :conditions =>["username = ? AND password = ?", login, sha1(pass)])
  end

  def change_password(pass)
    update_attribute "password", self.class.sha1(pass)
  end

  protected

  def self.sha1(pass)
    Digest::SHA1.hexdigest("somedigest")
  end

  before_create :crypt_password

  def crypt_password
    write_attribute("password", self.class.sha1(password))
  end

  validates_length_of :login, :within => 3..40
  validates_length_of :password, :within => 5..40
  validates_presence_of :login, :password, :password_confirmation
  validates_uniqueness_of :login, :on => :create
  validates_confirmation_of :password, :on => :create
end
I have the :secret and :session_key set in the environment.rb
Does anyone have any ideas?
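
Added example, not part of the original post and not Rails's own code: a plain-Ruby model of the session-bound token check behind InvalidAuthenticityToken, showing why a POST from a hand-written form that carries no authenticity_token field is rejected while the same POST with the token passes. The method names, the local exception class, the session key and the sample parameters are assumptions made for this sketch.

```ruby
require 'securerandom'

# Stand-in for ActionController::InvalidAuthenticityToken (local class for this sketch).
class InvalidAuthenticityToken < StandardError; end

# Issue one random token per session and remember it server-side.
def form_authenticity_token(session)
  session[:_csrf_token] ||= SecureRandom.hex(32)
end

# Compare without returning early on the first differing byte.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Reject any non-GET request whose token is missing or does not match the session.
def verify_authenticity_token!(method, params, session)
  return true if method == :get
  sent = params['authenticity_token'].to_s
  expected = session[:_csrf_token].to_s
  ok = !expected.empty? && secure_compare(sent, expected)
  raise InvalidAuthenticityToken unless ok
  true
end

# Constructed sample requests.
def demo
  session = {}
  token = form_authenticity_token(session)
  results = {}
  # Hand-written <form method="post"> that submits only the user fields.
  bare = { 'user' => { 'username' => 'alice', 'password' => 'secret' } }
  results[:bare_form] = begin
    verify_authenticity_token!(:post, bare, session)
  rescue InvalidAuthenticityToken
    :rejected
  end
  # Same fields plus the hidden token field a form helper would add.
  results[:with_token] = verify_authenticity_token!(:post, bare.merge('authenticity_token' => token), session)
  results
end

p demo if __FILE__ == $PROGRAM_NAME
```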