"Destroy record" call deletes session

Sumit_Srivastava · July 26, 2012, 5:11am

Hi,

I have been trying to develop a sample app to create user logins and provide them personalized contact list with several features as of view, delete, edit, send mail, etc. Everything is working fine except the destroy action. Every time I call it, the session[:user] variable is destroyed, thus logging out the user.

Code for destroy is,

def destroy @contact = Contact.find(params[:id]) @contact.destroy
respond_to do |format|
  format.html { redirect_to contacts_url }
  format.js
end
end

contacts_url is path to the action which lists contacts for the user if session[:user] is valid else it logs out.

Am not able to find the problem. Have been struggling for a day.

Sumit_Srivastava · July 26, 2012, 7:02am

I could solve the problem by removing the line, protect_from_forgery from the ApplicationController but I am not sure if this is the correct approach. I tried adding the line <%= include_javascripts_tag :defaults %> but it didn’t help . It says default.js doesn’t exist.

What else could be the solution?

Colin_Law1 · July 26, 2012, 7:40am

Put some debug code in to find exactly which line clears the session variable. See the Rails Guide on Debugging for help with how to do this. I rather suspect it is not the destroy action itself that is doing it.

Colin