Hi, this is probably trivial: after the session expires, the user is redirected to the login page upon invoking any action. this is done by a before_filter function in application.rb. The problem is when the user clicks an ajax link - the login page appears inside of the updated div. what would be the best way to fix this? -- Thanks, Agnieszka Figiel
Agnieszka Figiel <agnieszka.figiel@...> writes:> > Hi, > > this is probably trivial: after the session expires, the user is > redirected to the login page upon invoking any action. this is done by > a before_filter function in application.rb. The problem is when the > user clicks an ajax link - the login page appears inside of the > updated div. what would be the best way to fix this? >Are you using Internet Explorer to test? I had the same problem yesterday. IE would do what you described (actually, it did it no matter what after just a couple requests), but Firefox didn''t. Here''s my login action in my account controller: def login if request.get? # Given that this is first request, and the "else" below # is the second, then setting the session''s :user_id to nil # will break the fourth request in IE. # Can you say PHUNK!? I knew you could... # session[:user_id] = nil @user = User.new else @user = User.new(params[:user]) logged_in_user = @user.try_to_login if logged_in_user session[:user_id] = logged_in_user.id redirect_to :controller => ''home'' and return false else flash[:notice] = "Invalid user name/password combination" end end end I know, doesn''t make any sense. It''s not even the before_filter method. Still, for some really odd reason this broke IE for me. Hope this helps. :)
It depends on what page you return when the session is expired. If the HTTP status code is not in the 2XX range, you could use the :failure callback of link_to_remote. If your session expired is a regular page, then you could check in the :loaded or :complete callbacks and based on your check you could either redisplay the page, or simply redirect it somewhere else. Bogdan On 9/8/05, Agnieszka Figiel <agnieszka.figiel-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> > Hi, > > this is probably trivial: after the session expires, the user is > redirected to the login page upon invoking any action. this is done by > a before_filter function in application.rb. The problem is when the > user clicks an ajax link - the login page appears inside of the > updated div. what would be the best way to fix this? > > -- > Thanks, > Agnieszka Figiel > _______________________________________________ > Rails mailing list > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > http://lists.rubyonrails.org/mailman/listinfo/rails >_______________________________________________ Rails mailing list Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org http://lists.rubyonrails.org/mailman/listinfo/rails
On 9/8/05, Bogdan Ionescu <bogdan.ionescu-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> It depends on what page you return when the session is expired. > If the HTTP status code is not in the 2XX range, you could use the :failure > callback of link_to_remote. > If your session expired is a regular page, then you could check in the > :loaded or :complete > callbacks and based on your check you could either redisplay the page, or > simply redirect it somewhere else. > Bogdan >Thanks Bogdan - I probably misunderstood your hint, but my problem right now is not how to know if the session is expired but how to redirect so that the page doesn''t load in the div :-) for instance I could use the session checking method in application controller and add a piece like "if request.xhr?" to know that it is this situation, an ajax call after session expiration, but what to do next to have it display the page properly? I''m using a normal redirect to the login action and it lands in the div :| (I''m quite inexperienced so I might be missing something very basic here... ) -- Agnieszka Figiel
On 9/8/05, Sam Smoot <ssmoot-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Agnieszka Figiel <agnieszka.figiel@...> writes: > > > > > Hi, > > > > this is probably trivial: after the session expires, the user is > > redirected to the login page upon invoking any action. this is done by > > a before_filter function in application.rb. The problem is when the > > user clicks an ajax link - the login page appears inside of the > > updated div. what would be the best way to fix this? > > > > > Are you using Internet Explorer to test? I had the same problem yesterday.no, firefox :-) thanks anyway :-) -- Agnieszka Figiel
Hi,
Here''s something I just threw together.
Take a look at the "if @request.xhr?" block. It assumes that
''/'' is a
protected resource
but if it''s not for your system just change it to something sensible.
Regards,
Trevor
def login_required
if not protect?(action_name)
return true
end
if @session[:user] and authorize?(@session[:user])
return true
end
if @request.xhr?
render(:status => "555 Ajax Logins Are Tricky",
:inline => "<h1>You need to login. Redirecting
you.</h1><script>document.location =
''/'';</script>")
return false
end
# store current location so that we can
# come back after the user logged in
store_location
# call overwriteable reaction to unauthorized access
access_denied
return false
end
On 9-Sep-05, at 5:50 AM, Agnieszka Figiel wrote:
> On 9/8/05, Bogdan Ionescu
<bogdan.ionescu-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>> It depends on what page you return when the session is expired.
>> If the HTTP status code is not in the 2XX range, you could use the
>> :failure
>> callback of link_to_remote.
>> If your session expired is a regular page, then you could check in
>> the
>> :loaded or :complete
>> callbacks and based on your check you could either redisplay the
>> page, or
>> simply redirect it somewhere else.
>> Bogdan
>>
>
> Thanks Bogdan - I probably misunderstood your hint, but my problem
> right now is not how to know if the session is expired but how to
> redirect so that the page doesn''t load in the div :-) for instance
I
> could use the session checking method in application controller and
> add a piece like "if request.xhr?" to know that it is this
situation,
> an ajax call after session expiration, but what to do next to have it
> display the page properly? I''m using a normal redirect to the
login
> action and it lands in the div :| (I''m quite inexperienced so I
might
> be missing something very basic here... )
>
> --
> Agnieszka Figiel
> _______________________________________________
> Rails mailing list
> Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org
> http://lists.rubyonrails.org/mailman/listinfo/rails