showing error (gsub) when switching from session to cookies

I am newbie to rail. Trying to develop social networking site so working with railspace application. Everything is working fine but I stuck in the problem when i am giving the authorization tocken to the user to remember him/her.

My Error and controller code is below

Error:- private method `gsub' called for 4:Fixnum

C:/Users/Amir/Downloads/IR/ruby/lib/ruby/1.8/cgi.rb:342:in `escape' C:/Users/Amir/Downloads/IR/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/cgi_ext/cookie.rb:73:in `to_s' C:/Users/Amir/Downloads/IR/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/cgi_ext/cookie.rb:73:in `collect' C:/Users/Amir/Downloads/IR/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/cgi_ext/cookie.rb:73:in `to_s' C:/Users/Amir/Downloads/IR/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/cookies.rb:80:in `set_cookie' C:/Users/Amir/Downloads/IR/ruby/lib/ruby/gems/1.8/gems/actionpack-2.0.2/lib/action_controller/cookies.rb:65:in `=' app/controllers/user_controller.rb:27:in `login'

user_controller

if request.get? @user = User.new(:remember_me => cookies[:remember_me] || "0") elsif param_posted?(:user) @user = User.new(params[:user]) user = User.find_by_screen_name_and_password(@user.screen_name, @user.password) if user user.login!(session) if @user.remember_me == "1" cookies[:remember_me] = { :value => "1", :expires => 10.years.from_now }   user.authorization_token = user.id user.save! cookies[:authorization_token] = { :value => user.authorization_token, :expires => 10.years.from_now }   else cookies.delete(:remember_me) cookies.delete(:authorization_token) end flash[:notice] = "User #{user.screen_name} logged in!" redirect_to_forwarding_url else @user.clear_password! flash[:notice] = "Invalid screen name/password combination" end end end

Please do the needful. I don't have much time, I need to deliver this project in my college.

Thanks Amir

Can you pls provide your controller with line number?

Please find my login code below.

def login if request.get? @user = User.new(:remember_me => cookies[:remember_me] || "0") elsif param_posted?(:user) @user = User.new(params[:user]) user = User.find_by_screen_name_and_password(@user.screen_name, @user.password) if user user.login!(session) if @user.remember_me == "1" cookies[:remember_me] = { :value => "1", :expires => 10.years.from_now }   user.authorization_token = user.id user.save! cookies[:authorization_token] = { (line no. 27) :value => user.authorization_token, (line no. 28) :expires => 10.years.from_now } (line no. 29)   else cookies.delete(:remember_me) cookies.delete(:authorization_token) end flash[:notice] = "User #{user.screen_name} logged in!" redirect_to_forwarding_url else @user.clear_password! flash[:notice] = "Invalid screen name/password combination" end end end

What is the path and file name that code is in? Check very carefully that you post the correct name, do not just type what you /think/ it is.

Colin

Please find my login code below.

cookies[:authorization_token] = { (line no. 27) :value => user.authorization_token, (line no. 28) :expires => 10.years.from_now } (line no. 29)

Cookie values should be strings, not integers. Also since you've set authoization_token to just be the user id, this allows any user to log into as any other user just be modifying the value of this cookie and guessing a user_id

Fred

Why is it I only know the answers to the easy questions I wonder.

Colin

I got the point.

Thank you so much Colin.

Now code is working fine. Problem was that I was not using the hashing algorithm for authorization_token. It was taking the user.id as an authorization_token.

As I apply the hashing algorithm to it. Hashing generates authorization token as a string.

Problem Solved :slight_smile:

Thanks Colin

Have a colorful day.

Regards Amir

Ok, even though I only manage to answer the easy questions I get the credit for the more difficult ones. Excellent :slight_smile:

You might like to thank Fred too since it was he that provided the answer.

Colin

Thank you Fred.

Excellent work.

Your ideas my effort makes the code workable :slight_smile:

Hope I will get the help in further problems as I am new to rails.:slight_smile:

Thanks

Amir