When are you saving the user_id to the session?
You need to force a redirect to a login page if there is no session [:user_id] and you should also handle the fact that session[:user_id] may be nil in your is_logged_in? method.
When are you saving the user_id to the session?
You need to force a redirect to a login page if there is no session [:user_id] and you should also handle the fact that session[:user_id] may be nil in your is_logged_in? method.
Just to clarify - are you setting session[:user_id] in the user.login! (session) call? The other suggestions on handling a nil session[:user_id] (i.e. using find_by_id) are the appropriate ways to handle the error.
Eric