I have a two part question.
First just wondering if anyone out there has any good Remember Me login coding example or tutorials? I found one that is a couple years old and it seems like if should work for a rails 2.0 application but I won't know until I try.
Second, the code example that I did find and am intergrating has a couple lines that are just confusing. In this example the user logins and if the remember me check box is checked this bit of code is executed:
# Controller code for login @session[:user].remember_me cookies[:auth_token] = { :value => @session[:user].remember_token , :expires => @session[:user].remember_token_expires }
Then, theoretically you close down the browser and the next time you open it and navigate to my website you should be automatically logged in.
The issue that I have - and I think this is because I am not understanding the ruby code - is, in the remember_me method of the User model I have this bit of code:
self.remember_token = Digest::SHA1.hexdigest("#{salt}--#{self.email}--# {self.remember_token_expires}")
and this bit of code in the ApplicationController
user = User.find_by_remember_token(cookies[:auth_token])
When I save the value for the remember_token I don't see how I am going to be able to find that value in the database with the find_by_remember_token because of the odd syntax used in the hexdigest method.
If the cookie has has a :value => '...' and a :expires => '...', how is the find_by_remember_token going to work when the remember_token is encrypted by saying "#{salt}--#{self.email}--#{self.remember_token_expires}"? It just doesn't seem to me that the encrypted info and the cookie would be the same in the end and that I would therefore not be able to find anything by the User.find_by_remember_token.
Not sure if this makes sense, I just didn't want to get to far into this project without fully understanding what is going on. Thanks,
-S