class SessionsController < ApplicationController
def new
end
def create
user = User.find_by_email(params[:session][:email])
if user && user.authenticate(params[:session][:password])
sign_in user
redirect_to user
else
flash.now['error'] = 'Invalid email/password combination'
render :new
end
end
def destroy
end
end
#sessions_helper.rb ------> Sessions Helper
module SessionsHelper
def sign_in(user)
cookies.permanent[:_pm] = user.remember_token
current_user = user
end
end
The problem is the cookie doesn't get set to any value at all. It's
always nil.
Thanks in advance for any assistance given.
I reset the db which clears all the users already created. Every new user has a nil for the remember_token field. That’s the absurdity, the column in the db cannot be field with the value before the user is created.
I'm pretty new to ruby and rails BUT, I've had problems in the past
like this when I didn't set the variable up with the attr_accessible
in the model...
when you try to access the remember_token in the SessionHelper, is it
in scope without the attribute set up or is that why you're getting
nil?
try adding
attr_accessible :remember_token
to the top of your model and see if that helps...
I'd also add a
fail self.inspect in the callback after you make the assignment to
see:
1. that it's getting there
2. if the value is being set to something other than nil
attr_accessible describes columns of the db whose values can be set and/or modified by the user through the web interface (at least that’s what I believe). That’s my reason for exempting :remember_token from the list. I’d give it a try and examine the security infringements. If they’re not grave, I’d stick with your plan.
Sort of. it means that the value can be set by update_attributes or
the other APIs that take a hash of attributes. It has no effect on the
ability to do self.remember_token = 'blah'
but wouldn't it have an affect on the ability to access the
remember_token in the SessionHelper?
No. Like i said it affects the ability to write attributes by passing
a hash of keys to values. It never affects reading column values and
never affects the ability to write values explicitly
In your first post you say the cookie doesn’t get set, then later you say the database column doesn’t get set. Which is the problem?
Also, is there a reason you’re setting cookies.permanent[:_pm] rather than cookies.permanent[:remember_token]? I’m not sure how rails would find it if the names don’t match what you’ve set in the User model.
The cookie name is independent of the column name. The cookie is created but has no value when I check it in my browser. I use Chrome (on PC). Thanks for your support
Problem has been resolved quite mysteriously. I deleted all my browser cookies and it worked now. I’m trying to figure out why that could be a solution. So hang on, I’d write everything here. Thanks for the family feeling. RAILS 4EVER!!!
