Using session-type data in an ActiveRecord callback...

Any suggestions on how best to gain access to session-type information while in an ActiveRecord callback, such as after_save?

I am encrypting some information in the database, using the generalized encryption/decryption handler in "Agile Web Development With Rails" (p 375ff). I got it working, and now I want to reference a session field (a user PIN) which is NOT stored in the database... for security reasons.

I can't seem to gain access to the session method:

1. attempting to use session['user']['pin'] gives me an "undefined variable or method" 2. attempting to use UserController.session['user']['pin'] gives me a message saying that it's expecting an integer, not a string.

Any ideas as to how to either (1) gain access to the session hash or (2) provide my own application-wide storage mechanism?

Thanks...jon

I wouldn't do it this way since it kind of muddy's up the controller & model portions of the MVC.

Instead you should create an function that will set the PIN in the user model like this. attr_accessor :pin

Then in your controller just pass it to a user object

user = User.find_by_id(session[:user][:id]) user.pin = session[:user][:pin] user.save!

in the Model

after_save      # do whatever with the pin       user.pin # this will call it now that you have set it end

That's the basic gist of it, I haven't tested any of this could but I hope its clear enough to understand.

hope that helps, Jim

oops I meant instead of this

after_save      # do whatever with the pin       user.pin # this will call it now that you have set it end

do this

after_save        self.pin #to call the current user instances pin. end

Very cool, Jim... thank you very much... just the kind of guidance I was looking for. I'll give it a shot tomorrow.

...jon