Didn''t think I''d be back so quick with another question but here goes: In this recipe for the signin or login (as I call it) there are these two lines if the user authenticates correctly: session[:user] = user.id redirect_to :action => session[:intended_action], :controller => session[:intended_controller] So I''m not seeing anything in the way of an explanation but reading the code it looks like there should be a session controller with a session action . Is that correct ? Right now I have a sessions table set up, I''ve made the changes in environment.rb to do sessions via an ActiveRecord store. So the table was created via the rake::db::sessions command. I still don''t see how the user logged in reflect in the sessions table. In the sessions table there is: id - just an auto-inc column session_id data and updated column Both session_id and data are hashed columns so I''m not sure what is inside ? I guess I''ve asked a few questions here . TIA Stuart
On Mon, 2006-08-07 at 11:03 -0600, Dark Ambient wrote:> Didn''t think I''d be back so quick with another question but here goes: > > In this recipe for the signin or login (as I call it) there are these > two lines if the user authenticates correctly: > > session[:user] = user.id > redirect_to :action => session[:intended_action], > :controller => session[:intended_controller] > > So I''m not seeing anything in the way of an explanation but reading > the code it looks like there should be a session controller with a > session action . Is that correct ? > > Right now I have a sessions table set up, I''ve made the changes in > environment.rb to do sessions via an ActiveRecord store. So the table > was created via the rake::db::sessions command. > > I still don''t see how the user logged in reflect in the sessions table. > In the sessions table there is: > id - just an auto-inc column > session_id > data > and updated column > Both session_id and data are hashed columns so I''m not sure what is inside ? > I guess I''ve asked a few questions here .---- why not just add <%= session debug %> into one of your views to see what is stored in the hash? Craig
Rails handles session management for you, you don''t need to create your own table. You get the session object for free. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060807/947b0bbd/attachment.html
I didn''t create my own table, I used rake:create:session:db. Is that all I need ? Stuart On 8/7/06, Jim Lindley <jimlindley@gmail.com> wrote:> Rails handles session management for you, you don''t need to create your own > table. You get the session object for free. > > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails > > >
Charlie Bowman
2006-Aug-07  19:40 UTC
[Rails] Rails Recipes question - authenticating users
On 8/7/06, Jim Lindley <jimlindley@gmail.com> wrote:> Rails handles session management for you, you don''t need to create your own > table. You get the session object for free. > > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails > >session[:intended_controller] and such represent the session hash. This data is held with the session object. It will not have a database field for each element of the hash. You will have to set these values somewhere in your code.
On 8/7/06, Jim Lindley <jimlindley@gmail.com> wrote:> > Rails handles session management for you, you don''t need to create your > own table. You get the session object for free. >Additional info - Rails gives you these objects: session cookie params request flash logger and a few others that I am sure I''m forgetting. You don''t have to set those up, although you can configure them in different ways. So, don''t create a session controller. What you ran with rake was to convert the sessions from being saved on the filesystem to being saved in the DB. You don''t need to access that table directly. Just work with the object. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060807/c2fddd7f/attachment.html
Sorry, I''ll re-read awdwr on sessions but what do you mean set those values somewhere in my code ? Stuart On 8/7/06, Charlie Bowman <charlesmbowman@gmail.com> wrote:> On 8/7/06, Jim Lindley <jimlindley@gmail.com> wrote: > > Rails handles session management for you, you don''t need to create your own > > table. You get the session object for free. > > > > _______________________________________________ > > Rails mailing list > > Rails@lists.rubyonrails.org > > http://lists.rubyonrails.org/mailman/listinfo/rails > > > > > session[:intended_controller] and such represent the session hash. > This data is held with the session object. It will not have a database > field for each element of the hash. You will have to set these values > somewhere in your code. > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails >
K...that helps...thank you ! Stuart On 8/7/06, Jim Lindley <jimlindley@gmail.com> wrote:> > > > On 8/7/06, Jim Lindley <jimlindley@gmail.com> wrote: > > > > Rails handles session management for you, you don''t need to create your > own table. You get the session object for free. > > > > Additional info - Rails gives you these objects: > > session > cookie > params > request > flash > logger > > and a few others that I am sure I''m forgetting. > > You don''t have to set those up, although you can configure them in different > ways. So, don''t create a session controller. What you ran with rake was to > convert the sessions from being saved on the filesystem to being saved in > the DB. You don''t need to access that table directly. Just work with the > object. > > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails > > >
Martin Smith
2006-Aug-08  15:32 UTC
[Rails] Re: Rails Recipes question - authenticating users
Nah, What the example is doing is trying to take the user to the page they were attempting to get to before they where forced to logon. 1. User attempts to go to edit widget page - http://host/widgets/edit/1 2. Edit widget page is secured by some authentication code, so it redirects you to the login page (but storing in the session the page you actualy wanted to go to) 3. User logs on, and after logging on redirects the user back to the page they had requested back at the start. ''session'' is a variable, a hash to be more precise. Get me the value from the hash for the key called ''intended_action'' session[:intended_action] -> ''edit'' session[:intended_controller] -> ''widgets'' Where as session[:user] = user.id mean put an object in the session with a key of ''user'' Hope this helps, Martin -- Posted via http://www.ruby-forum.com/.