I intent to change it when the admin user log in and log out. Is it possible and how can I do it?
You can change environment variables through the ENV hash.
For example, you can have a method like this which gets called when the logout button is clicked:
def logout_admin
ENV["ADMIN_LOGGED_IN"] = false
end
This isn't a typical way to do auth. Usually people use a session token in the database. Really you can use the ENV the hash the same as global variables (it won't persist if you reboot the rails app, anyway).
Related
I'm trying to find out where to set a session variable once a user has logged in using Devise. I found this post (and others):
Set a session variable in devise on sign in
So I tried something like this:
protected
# when a user logs in
def after_sign_in_path_for(resource_or_scope)
session[:current_account_id] = current_user.accounts.find_by_is_default(true).id # get id of row where it's is_default is set as true
abort(session[:current_account_id])
end
..but no joy. I don't want to do an alternative redirect (as the issue in the link was asking), just set a session variable when the user logs in, so I'm not sure if this is the callback I'm wanting. Also, I may have my find_by_ method wrong but I was hoping I could debug (using abort) once the script gets that far - but it doesn't appear to be as abort doesn't seem to be called. Any help much appreciated. Thanks
Make sure the protected method is located inside of ApplicationController.
I have more than one applications. I want to be able to share a session between them using cookie_store.
Application A:
before_filter :authenticate_from!
def authenticate_from!
unless session['warden.user.user.key'].nil?
#user=User.find_or_initialize_by_id(ky[1])
sign_in #user
end
end
It can work, but application B session can not be identified.
What should I do?
This can be done, but both of these applications will need to have a common subdomain and the secret_token value in your configuration will have to be identical.
For instance, you can have app1.example.com and app2.example.com so long as the cookie is assigned to .example.com.
The options for this are stored in config/initializers/session_store.rb and config/initializers/secret_token.rb.
As a note, ensure that your secret token value is as long and random as in a default install. Don't just switch to something short and convenient.
In Rails its easy to store and retrieve session variables.
for e.g
session[:user_id] = #current_user.id
I was wondering if there is something this like in rhodes too.
Like in rails request parameters are accessible through
params['name']
while in rhodes its
#params['name']
If there is nothing like session variable, can anyone suggest some work around for managing sessions. like using global variables that are available across multiple requests.
Comments/Hints, please?
thanx.
I implemented my own session in rhodes.
Assuming that a rhodes app will have only one user you don't need to detect in wich user or "session" you are, so you will have only one session.
I created a global hash, named $session, where you put and get your values:
In the application.rb I put this:
$session ||= {}
And I use it thus:
$session[:user] = 'john'
puts $session[:user]
You could also store persistent values in the Redis database as a key/value pairs database.
Ok, I have a Rails 3 application and I am using CouchDB as my primary database to take advantage of it's replication capabilities.
Anyway, what I want to do is store some configuration type stuff in 1 document in the database and load the values of this configuration file one time when the app starts up in production and reload ONLY if the user goes to the admin panel and explicitly requests it to happen. I was thinking by touching a URL to clear the loaded config or something.
My thought was that I would just create a before_filter in application_controller, but since I am new to rails, I didn't know if this was the proper way to do this.
before_filter :get_config
private
def get_config
#config = Config.get('_id')
end
Clearly this would run every request, which I don't want or need. Is there a way to save the config output so I don't have to fetch it every single request, or is there a better way to do this.
Thanks in advance.
Actually I am writing an article about the proper way of using global variables in rails. This seems to be the case to introduce global variables, as their values are shared across different users.
In your before_filter, try this:
def get_config
$config ||= Config.get('_id')
end
This would call Config.get('_id') only if $config is false or nil. Otherwise, $config wiil remain unchanged.
The tricky part is global variables (starting with a $ sign) alive in the whole application. So $config is available everywhere (and that would be a problem for careless design!)
Another point is, as you said you are new to rails, I do suggest you to read more about global variables before you use it and DO NOT ADDICT to it.
I am using this to access session in Model.
http://www.zorched.net/2007/05/29/making-session-data-available-to-models-in-ruby-on-rails/
Can anybody confirm that it will work with Apache + Passenger deployment too?
Or if there are any other alternatives to achieve the same?
Thanks,
Imran
I did not find any code on the internet that works, so I did some research and wrote my own. It works for Rails 3.2.x and probably on some other versions.
Insert this in your ApplicationController
# Set a filter that is invoked on every request
before_filter :_set_current_session
protected
def _set_current_session
# Define an accessor. The session is always in the current controller
# instance in #_request.session. So we need a way to access this in
# our model
accessor = instance_variable_get(:#_request)
# This defines a method session in ActiveRecord::Base. If your model
# inherits from another Base Class (when using MongoMapper or similar),
# insert the class here.
ActiveRecord::Base.send(:define_method, "session", proc {accessor.session})
end
I will not remind you that accessing your session from a model may lead to bad code. Other posts may tell you, that you are stupid. Though there are some valid reasons to access the session from your model, like implementing a Model.save method, that saves to the current users session.
Yes. It is the only efficient way I found to use session data in model. I also used it and never faced any deployment issue with Apache + passenger.
But you need to confirm when you will be playing with session values. On each new request to server, session value gets stored in thread and we can access it in model. If you are applying any logic by using thread value, then also make sure with situation when thread value might be nil also.
Because I got an issue where on development, my every code worked fine but on production, during starting server it caused an issue as initially it considered thread value as nil.