Hi,
I''m creating a website with Ruby on Rails, that has a user account
feature. On the side bar, I have a login form. But if the user logs
in, I want it to no display the user login form, but rather hello
user_name. I am guessing I would set up a if statement, perhaps like
this?
<% if session[:uid] = @user.id -%>
<% else -%>
Login Form
<% end %>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
Oops, sorry about that, I accidentally sent it somehow... Anyway, for the <% if session[:uid] = @user.id -%> , I don''t know what would go in there... Thanks for your help... On Jun 2, 8:50 pm, cz231 <cz2...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Hi, > I''m creating a website with Ruby on Rails, that has a user account > feature. On the side bar, I have a login form. But if the user logs > in, I want it to no display the user login form, but rather hello > user_name. I am guessing I would set up a if statement, perhaps like > this? > > <% if session[:uid] = @user.id -%> > > <% else -%> > > Login Form > <% end %>--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
cz231 wrote:> Oops, sorry about that, I accidentally sent it somehow... > > Anyway, for the <% if session[:uid] = @user.id -%> , I don''t know what > would go in there... > > Thanks for your help...Really all you want to know is if there is a session[:uid] - <% if session[:uid] %> if there is then the user is logged in, otherwise it will be nil. However, there''s some more to it. I would recommend you pull down the restful_authentication plugin, run the generator and then examine the code to see how they do all this, which will teach you a lot. For instance, Restful_Authentication exposes the currently logged in user with "current_user" and also methods like "logged_in?" and "authorized?" that will assist with what you are trying to do. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Hmm...that doesn''t work...Does anyone else know? I''ll have to look into that plugin too... Right now I''m trying <% if session[:uid] != nil -%> <p>Welcome User</p> <% else -%> Login Form <% end -%> Thanks for any help... On Jun 2, 9:02 pm, Cayce Balara <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> wrote:> cz231 wrote: > > Oops, sorry about that, I accidentally sent it somehow... > > > Anyway, for the <% if session[:uid] = @user.id -%> , I don''t know what > > would go in there... > > > Thanks for your help... > > Really all you want to know is if there is a session[:uid] - > > <% if session[:uid] %> > > if there is then the user is logged in, otherwise it will be nil. > > However, there''s some more to it. I would recommend you pull down the > restful_authentication plugin, run the generator and then examine the > code to see how they do all this, which will teach you a lot. > > For instance, Restful_Authentication exposes the currently logged in > user with "current_user" and also methods like "logged_in?" and > "authorized?" that will assist with what you are trying to do. > -- > Posted viahttp://www.ruby-forum.com/.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
<% if session[:uid].blank? %>
Login Form
<% else %>
<%="Hello id: #{session[:uid]}" %>
<% end %>
-Fredrik
cz231 wrote:> Hmm...that doesn''t work...Does anyone else know?
> I''ll have to look into that plugin too...
>
> Right now I''m trying
> <% if session[:uid] != nil -%>
> <p>Welcome User</p>
>
> <% else -%>
> Login Form
> <% end -%>
>
> Thanks for any help...
>
> On Jun 2, 9:02 pm, Cayce Balara
<rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org>
> wrote:
>
>> cz231 wrote:
>>
>>> Oops, sorry about that, I accidentally sent it somehow...
>>>
>>> Anyway, for the <% if session[:uid] = @user.id -%> , I
don''t know what
>>> would go in there...
>>>
>>> Thanks for your help...
>>>
>> Really all you want to know is if there is a session[:uid] -
>>
>> <% if session[:uid] %>
>>
>> if there is then the user is logged in, otherwise it will be nil.
>>
>> However, there''s some more to it. I would recommend you pull
down the
>> restful_authentication plugin, run the generator and then examine the
>> code to see how they do all this, which will teach you a lot.
>>
>> For instance, Restful_Authentication exposes the currently logged in
>> user with "current_user" and also methods like
"logged_in?" and
>> "authorized?" that will assist with what you are trying to
do.
>> --
>> Posted viahttp://www.ruby-forum.com/.
>>
> >
>
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
That still doesn''t work. Maybe I haven''t given you enough info...I''m using the LoginGenerator if that changes things... http://wiki.rubyonrails.org/rails/pages/LoginGenerator Thanks. On Jun 4, 11:47 pm, Fredrik Thuresson <fredrik.thures...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> <% if session[:uid].blank? %> > Login Form > <% else %> > <%="Hello id: #{session[:uid]}" %> > <% end %> > > -Fredrik > > cz231 wrote: > > Hmm...that doesn''t work...Does anyone else know? > > I''ll have to look into that plugin too... > > > Right now I''m trying > > <% if session[:uid] != nil -%> > > <p>Welcome User</p> > > > <% else -%> > > Login Form > > <% end -%> > > > Thanks for any help... > > > On Jun 2, 9:02 pm, Cayce Balara <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> > > wrote: > > >> cz231 wrote: > > >>> Oops, sorry about that, I accidentally sent it somehow... > > >>> Anyway, for the <% if session[:uid] = @user.id -%> , I don''t know what > >>> would go in there... > > >>> Thanks for your help... > > >> Really all you want to know is if there is a session[:uid] - > > >> <% if session[:uid] %> > > >> if there is then the user is logged in, otherwise it will be nil. > > >> However, there''s some more to it. I would recommend you pull down the > >> restful_authentication plugin, run the generator and then examine the > >> code to see how they do all this, which will teach you a lot. > > >> For instance, Restful_Authentication exposes the currently logged in > >> user with "current_user" and also methods like "logged_in?" and > >> "authorized?" that will assist with what you are trying to do. > >> -- > >> Posted viahttp://www.ruby-forum.com/.--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
The login generator was deprecated ages ago, you could try using acts_as_authenticated or restful_authentication (the latter being the latest), and seeing if they work (they should) On Fri, Jun 6, 2008 at 10:02 AM, cz231 <cz231g-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> > > That still doesn''t work. Maybe I haven''t given you enough info...I''m > using the LoginGenerator if that changes things... > http://wiki.rubyonrails.org/rails/pages/LoginGenerator > Thanks. > On Jun 4, 11:47 pm, Fredrik Thuresson <fredrik.thures...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> > wrote: > > <% if session[:uid].blank? %> > > Login Form > > <% else %> > > <%="Hello id: #{session[:uid]}" %> > > <% end %> > > > > -Fredrik > > > > cz231 wrote: > > > Hmm...that doesn''t work...Does anyone else know? > > > I''ll have to look into that plugin too... > > > > > Right now I''m trying > > > <% if session[:uid] != nil -%> > > > <p>Welcome User</p> > > > > > <% else -%> > > > Login Form > > > <% end -%> > > > > > Thanks for any help... > > > > > On Jun 2, 9:02 pm, Cayce Balara <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> > > > wrote: > > > > >> cz231 wrote: > > > > >>> Oops, sorry about that, I accidentally sent it somehow... > > > > >>> Anyway, for the <% if session[:uid] = @user.id -%> , I don''t know > what > > >>> would go in there... > > > > >>> Thanks for your help... > > > > >> Really all you want to know is if there is a session[:uid] - > > > > >> <% if session[:uid] %> > > > > >> if there is then the user is logged in, otherwise it will be nil. > > > > >> However, there''s some more to it. I would recommend you pull down the > > >> restful_authentication plugin, run the generator and then examine the > > >> code to see how they do all this, which will teach you a lot. > > > > >> For instance, Restful_Authentication exposes the currently logged in > > >> user with "current_user" and also methods like "logged_in?" and > > >> "authorized?" that will assist with what you are trying to do. > > >> -- > > >> Posted viahttp://www.ruby-forum.com/. > > >-- Appreciated my help? Recommend me on Working With Rails http://workingwithrails.com/person/11030-ryan-bigg --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
I agree with Ryan here. Start off with a decent plugin for authentication. That will do 2 things for you: 1. It''s likely they''ll do a job better you would yourself, and 2. You can learn a lot by reading through the code in these plugins. What I also like about these plugins is that you''re not stuck with a "gate-keeper" style login scenario. Instead you are provided fine grained control of how you manage accesses to your controller actions. They make it easy to provide some controller actions for public access and some restricted access. They are very flexible in this regard and well worth a few minutes of your time getting familiar with them. With restful_authentication, for example, you could do this: <% if logged_in? %> Login Form... <% else %> Welcome your user... <% end %> Makes the intent very clear, so if anyone else were to inspect your code they would understand it''s function right away. On Jun 5, 9:14 pm, "Ryan Bigg (Radar)" <radarliste...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> The login generator was deprecated ages ago, you could try using > acts_as_authenticated or restful_authentication (the latter being the > latest), and seeing if they work (they should) > > > > On Fri, Jun 6, 2008 at 10:02 AM, cz231 <cz2...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > That still doesn''t work. Maybe I haven''t given you enough info...I''m > > using the LoginGenerator if that changes things... > >http://wiki.rubyonrails.org/rails/pages/LoginGenerator > > Thanks. > > On Jun 4, 11:47 pm, Fredrik Thuresson <fredrik.thures...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> > > wrote: > > > <% if session[:uid].blank? %> > > > Login Form > > > <% else %> > > > <%="Hello id: #{session[:uid]}" %> > > > <% end %> > > > > -Fredrik > > > > cz231 wrote: > > > > Hmm...that doesn''t work...Does anyone else know? > > > > I''ll have to look into that plugin too... > > > > > Right now I''m trying > > > > <% if session[:uid] != nil -%> > > > > <p>Welcome User</p> > > > > > <% else -%> > > > > Login Form > > > > <% end -%> > > > > > Thanks for any help... > > > > > On Jun 2, 9:02 pm, Cayce Balara <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> > > > > wrote: > > > > >> cz231 wrote: > > > > >>> Oops, sorry about that, I accidentally sent it somehow... > > > > >>> Anyway, for the <% if session[:uid] = @user.id -%> , I don''t know > > what > > > >>> would go in there... > > > > >>> Thanks for your help... > > > > >> Really all you want to know is if there is a session[:uid] - > > > > >> <% if session[:uid] %> > > > > >> if there is then the user is logged in, otherwise it will be nil. > > > > >> However, there''s some more to it. I would recommend you pull down the > > > >> restful_authentication plugin, run the generator and then examine the > > > >> code to see how they do all this, which will teach you a lot. > > > > >> For instance, Restful_Authentication exposes the currently logged in > > > >> user with "current_user" and also methods like "logged_in?" and > > > >> "authorized?" that will assist with what you are trying to do. > > > >> -- > > > >> Posted viahttp://www.ruby-forum.com/. > > -- > Appreciated my help? > Recommend me on Working With Railshttp://workingwithrails.com/person/11030-ryan-bigg--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
The beta restful_authentication includes a helper method and partial
to do just that, right out of the box:
<% if logged_in? -%>
<div id="user-bar-greeting">Logged in as
<%link_to_current_user :content_method => :login %></div>
<div id="user-bar-action" >(<%= link_to "log
out", logout_path
%>)</div>
<% else -%>
<div id="user-bar-greeting"><%= link_to_login_with_IP
''Not logged
in'', :style => ''border: none;'' %></div>
<div id="user-bar-action" ><%= link_to "Log
in", login_path %> /
<%= link_to "Sign up", signup_path, { :title =>
"Create an
account" } %></div>
<% end -%>
You can put this in your app/views/layouts/application.html.erb layout
file
<div id="top_bar">
<div id="hello_or_login"><%= render :partial =>
''users/
hello_or_login'' %></div>
</div>
with something like this in your stylesheet:
#top_bar { float:right; width:100%; background-
color: #eee; }
#hello_or_login { float:right; text-align:right; color:
#999; }
#hello_or_login div { float:left; clear:none; padding: 0.2em 0.5em;
border-left:1px solid #aaa }
There is also an "if_authorized?" helper method:
<%= if_authorized? :to => :edit, :on => @user do link_to("Edit
#{@user.login}", edit_user_path) end %>
To try out the newer version of restful_authentication, invoke:
git clone git://github.com/technoweenie/restful-authentication.git
restful_authentication
cd restful_authentication/
git checkout --track -b modular origin/modular
Cheers,
flip
(You asked about loggedin/not logged in view hiding, but since I
mentioned authorization filtering too I should mention: removing
something from view does NOT forbid it; only access control in your
controller module will do this. Going farther astray: Another
approach to view-filtering is the "Full Access With Errors" security
pattern: expose all things a visitor might reasonably have access to
by logging in/escalating, then ask for login when action is requested.
See p305ff in "Security Patterns"
http://www.amazon.com/gp/reader/0470858842/ref=sib_dp_pt
)
---
http://infochimps.org
Connected Open Free Data
On Jun 5, 9:53 pm, Robert Walker
<r0b3rt4...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:> I agree with Ryan here. Start off with a decent plugin for
> authentication. That will do 2 things for you: 1. It''s likely
they''ll
> do a job better you would yourself, and 2. You can learn a lot by
> reading through the code in these plugins.
>
> What I also like about these plugins is that you''re not stuck with
a
> "gate-keeper" style login scenario. Instead you are provided fine
> grained control of how you manage accesses to your controller actions.
> They make it easy to provide some controller actions for public access
> and some restricted access. They are very flexible in this regard and
> well worth a few minutes of your time getting familiar with them.
>
> Withrestful_authentication, for example, you could do this:
>
> <% if logged_in? %>
> Login Form...
> <% else %>
> Welcome your user...
> <% end %>
>
> Makes the intent very clear, so if anyone else were to inspect your
> code they would understand it''s function right away.
>
> On Jun 5, 9:14 pm, "Ryan Bigg (Radar)"
<radarliste...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
> wrote:
>
> > The login generator was deprecated ages ago, you could try using
> > acts_as_authenticated orrestful_authentication(the latter being the
> > latest), and seeing if they work (they should)
>
> > On Fri, Jun 6, 2008 at 10:02 AM, cz231
<cz2...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> > > That still doesn''t work. Maybe I haven''t given
you enough info...I''m
> > > using the LoginGenerator if that changes things...
> > >http://wiki.rubyonrails.org/rails/pages/LoginGenerator
> > > Thanks.
> > > On Jun 4, 11:47 pm, Fredrik Thuresson
<fredrik.thures...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
> > > wrote:
> > > > <% if session[:uid].blank? %>
> > > > Login Form
> > > > <% else %>
> > > > <%="Hello id: #{session[:uid]}" %>
> > > > <% end %>
>
> > > > -Fredrik
>
> > > > cz231 wrote:
> > > > > Hmm...that doesn''t work...Does anyone else
know?
> > > > > I''ll have to look into that plugin too...
>
> > > > > Right now I''m trying
> > > > > <% if session[:uid] != nil -%>
> > > > > <p>Welcome User</p>
>
> > > > > <% else -%>
> > > > > Login Form
> > > > > <% end -%>
>
> > > > > Thanks for any help...
>
> > > > > On Jun 2, 9:02 pm, Cayce Balara
<rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org>
> > > > > wrote:
>
> > > > >> cz231 wrote:
>
> > > > >>> Oops, sorry about that, I accidentally sent it
somehow...
>
> > > > >>> Anyway, for the <% if session[:uid] =
@user.id -%> , I don''t know
> > > what
> > > > >>> would go in there...
>
> > > > >>> Thanks for your help...
>
> > > > >> Really all you want to know is if there is a
session[:uid] -
>
> > > > >> <% if session[:uid] %>
>
> > > > >> if there is then the user is logged in, otherwise
it will be nil.
>
> > > > >> However, there''s some more to it. I would
recommend you pull down the
> > > > >>restful_authenticationplugin, run the generator and
then examine the
> > > > >> code to see how they do all this, which will teach
you a lot.
>
> > > > >> For instance,Restful_Authenticationexposes the
currently logged in
> > > > >> user with "current_user" and also methods
like "logged_in?" and
> > > > >> "authorized?" that will assist with what
you are trying to do.
> > > > >> --
> > > > >> Posted viahttp://www.ruby-forum.com/.
>
> > --
> > Appreciated my help?
> > Recommend me on Working With
Railshttp://workingwithrails.com/person/11030-ryan-bigg
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
I was running into similar problems you had and was lucky enough to pick up the book Simply Rails 2 from Amazon which walked me through this and a really simple authentication system so I have a better idea of how it works. Like everyone else has said, grab some code (plugin, another site built with Rails 2, etc.) and just immerse yourself in the code and try and follow where all of the variables are going and where the logic is coming from. You''ll gain a lot of knowledge that way and then keep on trying and breaking things ... failure is only telling you to keep on trying. :) On Jun 6, 7:14 pm, mrflip <f...-C55EMRQ67g0G8FEW9MqTrA@public.gmane.org> wrote:> The beta restful_authentication includes a helper method and partial > to do just that, right out of the box: > > <% if logged_in? -%> > <div id="user-bar-greeting">Logged in as <%> link_to_current_user :content_method => :login %></div> > <div id="user-bar-action" >(<%= link_to "log out", logout_path > %>)</div> > <% else -%> > <div id="user-bar-greeting"><%= link_to_login_with_IP ''Not logged > in'', :style => ''border: none;'' %></div> > <div id="user-bar-action" ><%= link_to "Log in", login_path %> / > <%= link_to "Sign up", signup_path, { :title => "Create an > account" } %></div> > <% end -%> > > You can put this in your app/views/layouts/application.html.erb layout > file > <div id="top_bar"> > <div id="hello_or_login"><%= render :partial => ''users/ > hello_or_login'' %></div> > </div> > with something like this in your stylesheet: > #top_bar { float:right; width:100%; background- > color: #eee; } > #hello_or_login { float:right; text-align:right; color: > #999; } > #hello_or_login div { float:left; clear:none; padding: 0.2em 0.5em; > border-left:1px solid #aaa } > > There is also an "if_authorized?" helper method: > <%= if_authorized? :to => :edit, :on => @user do link_to("Edit > #...@user.login}", edit_user_path) end %> > > To try out the newer version of restful_authentication, invoke: > git clone git://github.com/technoweenie/restful-authentication.git > restful_authentication > cd restful_authentication/ > git checkout --track -b modular origin/modular > > Cheers, > flip > > (You asked about loggedin/not logged in view hiding, but since I > mentioned authorization filtering too I should mention: removing > something from view does NOT forbid it; only access control in your > controller module will do this. Going farther astray: Another > approach to view-filtering is the "Full Access With Errors" security > pattern: expose all things a visitor might reasonably have access to > by logging in/escalating, then ask for login when action is requested. > See p305ff in "Security Patterns"http://www.amazon.com/gp/reader/0470858842/ref=sib_dp_pt > ) > > ---http://infochimps.org > Connected Open Free Data > > On Jun 5, 9:53 pm, Robert Walker <r0b3rt4...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > I agree with Ryan here. Start off with a decent plugin for > > authentication. That will do 2 things for you: 1. It''s likely they''ll > > do a job better you would yourself, and 2. You can learn a lot by > > reading through the code in these plugins. > > > What I also like about these plugins is that you''re not stuck with a > > "gate-keeper" style login scenario. Instead you are provided fine > > grained control of how you manage accesses to your controller actions. > > They make it easy to provide some controller actions for public access > > and some restricted access. They are very flexible in this regard and > > well worth a few minutes of your time getting familiar with them. > > > Withrestful_authentication, for example, you could do this: > > > <% if logged_in? %> > > Login Form... > > <% else %> > > Welcome your user... > > <% end %> > > > Makes the intent very clear, so if anyone else were to inspect your > > code they would understand it''s function right away. > > > On Jun 5, 9:14 pm, "Ryan Bigg (Radar)" <radarliste...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> > > wrote: > > > > The login generator was deprecated ages ago, you could try using > > > acts_as_authenticated orrestful_authentication(the latter being the > > > latest), and seeing if they work (they should) > > > > On Fri, Jun 6, 2008 at 10:02 AM, cz231 <cz2...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > > > That still doesn''t work. Maybe I haven''t given you enough info...I''m > > > > using the LoginGenerator if that changes things... > > > >http://wiki.rubyonrails.org/rails/pages/LoginGenerator > > > > Thanks. > > > > On Jun 4, 11:47 pm, Fredrik Thuresson <fredrik.thures...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> > > > > wrote: > > > > > <% if session[:uid].blank? %> > > > > > Login Form > > > > > <% else %> > > > > > <%="Hello id: #{session[:uid]}" %> > > > > > <% end %> > > > > > > -Fredrik > > > > > > cz231 wrote: > > > > > > Hmm...that doesn''t work...Does anyone else know? > > > > > > I''ll have to look into that plugin too... > > > > > > > Right now I''m trying > > > > > > <% if session[:uid] != nil -%> > > > > > > <p>Welcome User</p> > > > > > > > <% else -%> > > > > > > Login Form > > > > > > <% end -%> > > > > > > > Thanks for any help... > > > > > > > On Jun 2, 9:02 pm, Cayce Balara <rails-mailing-l...-ARtvInVfO7m5VldFQK4jKA@public.gmane.orgt> > > > > > > wrote: > > > > > > >> cz231 wrote: > > > > > > >>> Oops, sorry about that, I accidentally sent it somehow... > > > > > > >>> Anyway, for the <% if session[:uid] = @user.id -%> , I don''t know > > > > what > > > > > >>> would go in there... > > > > > > >>> Thanks for your help... > > > > > > >> Really all you want to know is if there is a session[:uid] - > > > > > > >> <% if session[:uid] %> > > > > > > >> if there is then the user is logged in, otherwise it will be nil. > > > > > > >> However, there''s some more to it. I would recommend you pull down the > > > > > >>restful_authenticationplugin, run the generator and then examine the > > > > > >> code to see how they do all this, which will teach you a lot. > > > > > > >> For instance,Restful_Authenticationexposes the currently logged in > > > > > >> user with "current_user" and also methods like "logged_in?" and > > > > > >> "authorized?" that will assist with what you are trying to do. > > > > > >> -- > > > > > >> Posted viahttp://www.ruby-forum.com/. > > > > -- > > > Appreciated my help? > > > Recommend me on Working With Railshttp://workingwithrails.com/person/11030-ryan-bigg--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Wow...thanks for all the response! I didn''t know what I was using was deprecated generator, you''d think it would be clearly shown, so noobs like me wouldn''t use it. So is there some way to reverse using that generator and then do you guys have any personal favorite plugins? Thanks again On Jun 6, 10:14 pm, Bobnation <boblmart...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> I was running into similar problems you had and was lucky enough to > pick up the book Simply Rails 2 from Amazon which walked me through > this and a really simple authentication system so I have a better idea > of how it works. > > Like everyone else has said, grab some code (plugin, another site > built with Rails 2, etc.) and just immerse yourself in the code and > try and follow where all of the variables are going and where the > logic is coming from. You''ll gain a lot of knowledge that way and then > keep on trying and breaking things ... failure is only telling you to > keep on trying. :) > > On Jun 6, 7:14 pm, mrflip <f...-C55EMRQ67g0G8FEW9MqTrA@public.gmane.org> wrote: > > > The beta restful_authentication includes a helper method and partial > > to do just that, right out of the box: > > > <% if logged_in? -%> > > <div id="user-bar-greeting">Logged in as <%> > link_to_current_user :content_method => :login %></div> > > <div id="user-bar-action" >(<%= link_to "log out", logout_path > > %>)</div> > > <% else -%> > > <div id="user-bar-greeting"><%= link_to_login_with_IP ''Not logged > > in'', :style => ''border: none;'' %></div> > > <div id="user-bar-action" ><%= link_to "Log in", login_path %> / > > <%= link_to "Sign up", signup_path, { :title => "Create an > > account" } %></div> > > <% end -%> > > > You can put this in your app/views/layouts/application.html.erb layout > > file > > <div id="top_bar"> > > <div id="hello_or_login"><%= render :partial => ''users/ > > hello_or_login'' %></div> > > </div> > > with something like this in your stylesheet: > > #top_bar { float:right; width:100%; background- > > color: #eee; } > > #hello_or_login { float:right; text-align:right; color: > > #999; } > > #hello_or_login div { float:left; clear:none; padding: 0.2em 0.5em; > > border-left:1px solid #aaa } > > > There is also an "if_authorized?" helper method: > > <%= if_authorized? :to => :edit, :on => @user do link_to("Edit > > #...@user.login}", edit_user_path) end %> > > > To try out the newer version of restful_authentication, invoke: > > git clone git://github.com/technoweenie/restful-authentication.git > > restful_authentication > > cd restful_authentication/ > > git checkout --track -b modular origin/modular > > > Cheers, > > flip > > > (You asked about loggedin/not logged in view hiding, but since I > > mentioned authorization filtering too I should mention: removing > > something from view does NOT forbid it; only access control in your > > controller module will do this. Going farther astray: Another > > approach to view-filtering is the "Full Access With Errors" security > > pattern: expose all things a visitor might reasonably have access to > > by logging in/escalating, then ask for login when action is requested. > > See p305ff in "Security Patterns"http://www.amazon.com/gp/reader/0470858842/ref=sib_dp_pt > > ) > > > ---http://infochimps.org > > Connected Open Free Data > > > On Jun 5, 9:53 pm, Robert Walker <r0b3rt4...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > > I agree with Ryan here. Start off with a decent plugin for > > > authentication. That will do 2 things for you: 1. It''s likely they''ll > > > do a job better you would yourself, and 2. You can learn a lot by > > > reading through the code in these plugins. > > > > What I also like about these plugins is that you''re not stuck with a > > > "gate-keeper" style login scenario. Instead you are provided fine > > > grained control of how you manage accesses to your controller actions. > > > They make it easy to provide some controller actions for public access > > > and some restricted access. They are very flexible in this regard and > > > well worth a few minutes of your time getting familiar with them. > > > > Withrestful_authentication, for example, you could do this: > > > > <% if logged_in? %> > > > Login Form... > > > <% else %> > > > Welcome your user... > > > <% end %> > > > > Makes the intent very clear, so if anyone else were to inspect your > > > code they would understand it''s function right away. > > > > On Jun 5, 9:14 pm, "Ryan Bigg (Radar)" <radarliste...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> > > > wrote: > > > > > The login generator was deprecated ages ago, you could try using > > > > acts_as_authenticated orrestful_authentication(the latter being the > > > > latest), and seeing if they work (they should) > > > > > On Fri, Jun 6, 2008 at 10:02 AM, cz231 <cz2...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > > > > That still doesn''t work. Maybe I haven''t given you enough info...I''m > > > > > using the LoginGenerator if that changes things... > > > > >http://wiki.rubyonrails.org/rails/pages/LoginGenerator > > > > > Thanks. > > > > > On Jun 4, 11:47 pm, Fredrik Thuresson <fredrik.thures...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> > > > > > wrote: > > > > > > <% if session[:uid].blank? %> > > > > > > Login Form > > > > > > <% else %> > > > > > > <%="Hello id: #{session[:uid]}" %> > > > > > > <% end %> > > > > > > > -Fredrik > > > > > > > cz231 wrote: > > > > > > > Hmm...that doesn''t work...Does anyone else know? > > > > > > > I''ll have to look into that plugin too... > > > > > > > > Right now I''m trying > > > > > > > <% if session[:uid] != nil -%> > > > > > > > <p>Welcome User</p> > > > > > > > > <% else -%> > > > > > > > Login Form > > > > > > > <% end -%> > > > > > > > > Thanks for any help... > > > > > > > > On Jun 2, 9:02 pm, Cayce Balara <rails-mailing-l...-ARtvInVfO7ksV2N9l4h3zg@public.gmane.org> > > > > > > > wrote: > > > > > > > >> cz231 wrote: > > > > > > > >>> Oops, sorry about that, I accidentally sent it somehow... > > > > > > > >>> Anyway, for the <% if session[:uid] = @user.id -%> , I don''t know > > > > > what > > > > > > >>> would go in there... > > > > > > > >>> Thanks for your help... > > > > > > > >> Really all you want to know is if there is a session[:uid] - > > > > > > > >> <% if session[:uid] %> > > > > > > > >> if there is then the user is logged in, otherwise it will be nil. > > > > > > > >> However, there''s some more to it. I would recommend you pull down the > > > > > > >>restful_authenticationplugin, run the generator and then examine the > > > > > > >> code to see how they do all this, which will teach you a lot. > > > > > > > >> For instance,Restful_Authenticationexposes the currently logged in > > > > > > >> user with "current_user" and also methods like "logged_in?" and > > > > > > >> "authorized?" that will assist with what you are trying to do. > > > > > > >> -- > > > > > > >> Posted viahttp://www.ruby-forum.com/. > > > > > -- > > > > Appreciated my help? > > > > Recommend me on Working With Railshttp://workingwithrails.com/person/11030-ryan-bigg--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---