Rails - Mar 2011 - Help with session

oookk, so i have 2 actions , create and destroy, i can get
session[:cart_id] from inside the create method but not from inside
the delete method.

def create
    @cart = current_cart
    Rails.logger.debug "SESSION INFO HERE
#{session[:cart_id]}"         this here is 18

.
.
.


 def destroy
    # @cart = current_cart
    @line_item = LineItem.find(params[:id])
    Rails.logger.debug "SESSION INFO HERE
#{session[:cart_id]}"         this here is nil


.
.
.


here is how i create the cart


private
  def current_cart
    begin
      Cart.find(session[:cart_id])
    rescue ActiveRecord::RecordNotFound
      Rails.logger.debug "SESSION IS #{session.inspect}"          
<=is empty when i call it from the destroy method
     cart = Cart.create
     session[:cart_id] = cart.id
     cart
    end
  end


anyone knows whats going on?

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

does it work when you uncomment this line in destroy?

# @cart = current_cart



On Mar 17, 4:31 pm, radhames brito
<rbri...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> oookk, so i have 2 actions , create and destroy, i can get
> session[:cart_id] from inside the create method but not from inside
> the delete method.
>
> def create
>     @cart = current_cart
>     Rails.logger.debug "SESSION INFO HERE
> #{session[:cart_id]}"         this here is 18
>
> .
> .
> .
>
>  def destroy
>     # @cart = current_cart
>     @line_item = LineItem.find(params[:id])
>     Rails.logger.debug "SESSION INFO HERE
> #{session[:cart_id]}"         this here is nil
>
> .
> .
> .
>
> here is how i create the cart
>
> private
>   def current_cart
>     begin
>       Cart.find(session[:cart_id])
>     rescue ActiveRecord::RecordNotFound
>       Rails.logger.debug "SESSION IS #{session.inspect}"        
  <=> is empty when i call it from the destroy method
>      cart = Cart.create
>      session[:cart_id] = cart.id
>      cart
>     end
>   end
>
> anyone knows whats going on?
-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

oh  wait..  ignore that.   of course it will work but it just creates
a new cart.  :-\  sorry,  long day

On Mar 17, 4:54 pm, Tony Primerano
<tony.primer...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> does it work when you uncomment this line in destroy?
>
> # @cart = current_cart
>
> On Mar 17, 4:31 pm, radhames brito
<rbri...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> > oookk, so i have 2 actions , create and destroy, i can get
> > session[:cart_id] from inside the create method but not from inside
> > the delete method.
>
> > def create
> >     @cart = current_cart
> >     Rails.logger.debug "SESSION INFO HERE
> > #{session[:cart_id]}"         this here is 18
>
> > .
> > .
> > .
>
> >  def destroy
> >     # @cart = current_cart
> >     @line_item = LineItem.find(params[:id])
> >     Rails.logger.debug "SESSION INFO HERE
> > #{session[:cart_id]}"         this here is nil
>
> > .
> > .
> > .
>
> > here is how i create the cart
>
> > private
> >   def current_cart
> >     begin
> >       Cart.find(session[:cart_id])
> >     rescue ActiveRecord::RecordNotFound
> >       Rails.logger.debug "SESSION IS #{session.inspect}"    
      <=> > is empty when i call it from the destroy method
> >      cart = Cart.create
> >      session[:cart_id] = cart.id
> >      cart
> >     end
> >   end
>
> > anyone knows whats going on?
>
>
-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

On Thu, Mar 17, 2011 at 4:54 PM, Tony Primerano
<tony.primerano-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>wrote:
> does it work when you uncomment this line in destroy?
>
> # @cart = current_cart
>
>
>
If i do that what happens is that since the session is nil a new cart i
created and i lose all the items in the original "current_cart"
and a new cart is rendered with no items.

even if i successfully delete the right line_item, when the cart is update
is populated from the new current_cart and everything is lost.


By the way im doing everything via ajax.

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

but why does the session changes? or why cant i access it form the destroy
method?

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

any before filters clearing it out?

with AJAX, if your rails app is on a different domain than the page
hosting the form the cookies may get blocked resulting in no session
information being available.



On Mar 17, 5:00 pm, radhames brito
<rbri...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> On Thu, Mar 17, 2011 at 4:54 PM, Tony Primerano
<tony.primer...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>wrote:
>
> > does it work when you uncomment this line in destroy?
>
> > # @cart = current_cart
>
> If i do that what happens is that since the session is nil a new cart i
> created and i lose all the items in the original "current_cart"
> and a new cart is rendered with no items.
>
> even if i successfully delete the right line_item, when the cart is update
> is populated from the new current_cart and everything is lost.
>
> By the way im doing everything via ajax.
-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

On 17 March 2011 21:03, radhames brito
<rbritom-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> but why does the session changes? or why cant i access it form the destroy
> method?
Do a global search through your app and make sure you are not
accessing the session anywhere else.
If there are any other references but you believe that you are not
accessing them then put ruby-debug breakpoints at each and make sure
you do not get there.

Colin

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

On Mar 17, 9:00 pm, radhames brito
<rbri...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> On Thu, Mar 17, 2011 at 4:54 PM, Tony Primerano
<tony.primer...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>wrote:
>
> > does it work when you uncomment this line in destroy?
>
> > # @cart = current_cart
>
> If i do that what happens is that since the session is nil a new cart i
> created and i lose all the items in the original "current_cart"
> and a new cart is rendered with no items.
>
> even if i successfully delete the right line_item, when the cart is update
> is populated from the new current_cart and everything is lost.
>
> By the way im doing everything via ajax.
When the create action gets called is there also another ajax action
that gets triggered by the browser at roughly the same time? There can
be race conditions when that sort of things happens.

Fred

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

On Thu, Mar 17, 2011 at 5:47 PM, Frederick Cheung <
frederick.cheung-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
>
> On Mar 17, 9:00 pm, radhames brito
<rbri...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
> > On Thu, Mar 17, 2011 at 4:54 PM, Tony Primerano <
> tony.primer...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>wrote:
> >
> > > does it work when you uncomment this line in destroy?
> >
> > > # @cart = current_cart
> >
> > If i do that what happens is that since the session is nil a new cart
i
> > created and i lose all the items in the original
"current_cart"
> > and a new cart is rendered with no items.
> >
> > even if i successfully delete the right line_item, when the cart is
> update
> > is populated from the new current_cart and everything is lost.
> >
> > By the way im doing everything via ajax.
>
> When the create action gets called is there also another ajax action
> that gets triggered by the browser at roughly the same time? There can
> be race conditions when that sort of things happens.
>
> no other ajax call is made
-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

On Thu, Mar 17, 2011 at 5:06 PM, Tony Primerano
<tony.primerano-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>wrote:
> any before filters clearing it out?
>
> with AJAX, if your rails app is on a different domain than the page
> hosting the form the cookies may get blocked resulting in no session
> information being available.
>
>
>
It works well without ajax, there seem to be a problem when calling the
action via ajax

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

i official , if i try to do and ajax request to the destroy action i cant
access the session, can some on please test to see if its a bug?

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

in debuggin, if i stop to check the session during the destroy action  i get
this

"DEPRECATION WARNING: Disabling sessions for a single controller has been
deprecated. Sessions are now lazy loaded. So if you don''t access them,
consider them off. You can still modify the session cookie options with
request.session_options. (called from block in at_line at (eval):5)"


as if am using

session :off

but am not, could this be related to devise?

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

it seems to be realted to my rails.js file  i think is not passing the
csrf_token on every request

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

ok , i just confirmed this. here is the problem

my rails.js file i installed with jquery rails, is not properlly passing the
csrf token so

"The request will also not include the required CSRF data, and as of Rails
3.0.4 the session is silently reset instead of throwing an
ActionController::InvalidAuthenticityToken error. This is why you suspect
the authentication issue lies with Devise, but it is actually being
triggered within Rails itself."

that is why i cant see the session from the destroy action, when i remove

protect_from_forgery

from the application_controller everything works ok , it also works if the
request is not ajax based with protect_from_forgery enable.

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.

Ok is fixed by downloading the latest rais.js that supports rails 3.0.4

it has this new method in it which makes sure the csrf token is sent on
every request

// Make sure that every Ajax request sends the CSRF token
function CSRFProtection(xhr) {
var token =
$(''meta[name="csrf-token"]'').attr(''content'');
if (token) xhr.setRequestHeader(''X-CSRF-Token'', token);
}
if (''ajaxPrefilter'' in $) $.ajaxPrefilter(function(options,
originalOptions,
xhr){ CSRFProtection(xhr) });
else $(document).ajaxSend(function(e, xhr){ CSRFProtection(xhr) });

-- 
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.