open_id_authentication and remember_me

Hi,
I've got a user login system working by combining the
restful_authentication
with open_id_authentication plugins. But there's a little problem, and
that is that
any additional parameters from the login form (such as remember_me)
are lost after the OpenID transaction, and I don't see how to pass it
around
as an option somewhere either. For instance, in SessionsController:

  # remember_me is passed from #create
  def open_id_authentication(openid_url, remember_me)
    authenticate_with_open_id(openid_url, :required =>
[:nickname, :email]) do |result, identity_url, registration|
      if result.successful?
        @user = User.find_or_initialize_by_identity_url(identity_url)
        # ...set @user fields...
        self.current_user = @user
        successful_login(remember_me) # when initiated from the GET
call to SessionsController#create after the authentication this is nil
      end
    end
  end

Has anyone solved this?

    Marko

I've got a user login system working by combining the
restful_authentication
with open_id_authentication plugins. But there's a little problem, and
that is that
any additional parameters from the login form (such as remember_me)
are lost after the OpenID transaction, and I don't see how to pass it
around
as an option somewhere either. For instance, in SessionsController:

FYI, best practice for OpenID relying parties is that the remember-me
functionality is left to the identity provider, not the relying party.
That allows an OpenID user to revoke all his remember-me's at once if,
for example, his password is compromised.

In this scenario, what you need to do as a relying party is simply
remember the OpenID identifier that a user last authenticated with,
then, when he returns, do a checkid_immediate with the identity
provider, using that OpenID identifier. If the user has enabled
remember-me for your site, the checkid_immediate call will succeed, and
you can consider that user authenticated.

- D

Thanks for pointing me in the right direction. I'll get back to this
a bit later. It seems like I'll need to modify the plugin or use
ruby-openid directly in order to be able to do a checkid_immediate
authentication call.

    Marko