I'm trying to allow my users to sign in and I have narrowed my problem to one method.
in session_helper.rb
def sign_in(user)
remember_token = User.new_remember_token
cookies.permanent[:remember_token] = remember_token
user.update_attribute(:remember_token, User.encrypt(remember_token))
self.current_user = user
end
def signed_in?
!current_user.nil?
end
How do I check what my current column structure is in my database and make fix this issue?
If a user signs in, it gives a positive flash response.
sessions_controller.rb
def new
end
def create
user = User.find_by_email(params[:session][:email])
if user && user.authenticate(params[:session][:password])
sign_in user
flash[:success] = 'Signed in'
redirect_to user
else
flash.now[:error] = 'Invalid email/password combination'
render 'new'
end
end
but it still returns signed_in? as false.
Any ideas?
Related
I'm using Rails 4.2 on a project and the helper doesn't seem to be loading.
I've got a sessions_controller.rb:
class SessionsController < ApplicationController
def new
if signed_in?
redirect_to admin_path
else
render layout: 'login'
end
end
def create
#controller_js = ''
user = User.find_by(email: params[:session][:email].downcase)
if user && user.authenticate(params[:session][:password])
sign_in user
# user.update_attribute(:sign_in_count, user.sign_in_count + 1)
user.update_attribute(:last_login, DateTime.now)
if user.admin?
redirect_to admin_path
else
redirect_to user
end
else
flash.now[:danger] = 'Invalid email/password combination'
render layout: 'login'
end
end
def destroy
sign_out
redirect_to root_url
end
end
And in my SessionsHelper.rb
module SessionsHelper
def sign_in(user)
remember_token = User.new_remember_token
cookies.permanent[:remember_token] = remember_token
user.update_attribute(:remember_token, User.digest(remember_token))
self.current_user = user
end
end
But I get an error which is caused by the SessionsHelper not being loaded.
However when I add the method in the ApplicationController.rb it does work fine.
It seems to be Rails 4.2 issue?
But I'm not sure how to resolve in my case. Any ideas?
I want a add in action 'destroy' if/else than user was not logged, his redirect to signin page, but I'm doing wrong.
def destroy
if user.sign_in
sign_out
redirect_to root_url
else
redirect_to signin_path
end
end
helper sessions_helper
def sign_in(user)
remember_token = User.new_remember_token
cookies.permanent[:remember_token] = remember_token
user.update_attribute(:remember_token, User.encrypt(remember_token))
self.current_user = user
end
how fix it?
sorry for my bad English
In the destroy method you call to user.sign_in but in you helper you have this definition sign_in(user) you have to fix that using:
user.sign_in
And creating a method on class User
OR:
sign_in(user)
Passing user as a param with actual method defined.
EDITED
ApplicationController
def sign_in(user)
remember_token = User.new_remember_token
cookies.permanent[:remember_token] = remember_token
user.update_attribute(:remember_token, User.encrypt(remember_token))
self.current_user = user
end
end
I have sign_in page using remember me checkbox.
Remember Me - obviously to remember session forever (with 20 years expiration) unless you will click the log-out button.
The problem is, I can't sign in if I didn't check the remember me.
SessionController:
def create
user = User.find_by(email: params[:email].downcase)
if user && user.authenticate(params[:password])
if params[:remember_me]
sign_in user
redirect_to root_url
else
User.find_by_id(session[:remember_token])
session[:remember_token] = user.id
redirect_to root_url
end
else
flash.now[:danger] = 'Invalid email/password combination'
render 'new'
end
end
SessionHelper
def sign_in(user)
remember_token = User.new_remember_token
cookies.permanent[:remember_token] = remember_token
user.update_attribute(:remember_token, User.encrypt(remember_token))
self.current_user = user
end
def signed_in?
!current_user.nil?
end
def current_user=(user)
#current_user = user
end
def current_user
remember_token = User.encrypt(cookies[:remember_token])
#current_user ||= User.find_by(remember_token: remember_token)
end
def sign_out
self.current_user = nil
cookies.delete(:remember_token)
end
In your create method, you didn't actually mark the user as logged in when the user didn't check the remember me box. It only stores user.id in session[:remember_token].
if user && user.authenticate(params[:password]) # valid email & password
if params[:remember_me] # remember me
sign_in user
redirect_to root_url
else # do not remember me
#User.find_by_id(session[:remember_token]) # this line did nothing
session[:remember_token] = user.id # store user.id in session
redirect_to root_url
end
else
...
end
Your current_user doesn't check user.id in session, but only checks cookies or manual assignment of current_user.
I would rewrite current user like this:
def current_user
if #current_user
#current_user
elsif session[:remember_token]
#current_user ||= User.find_by_id(session[:remember_token])
elsif cookies[:remember_token]
remember_token = User.encrypt(cookies[:remember_token])
#current_user ||= User.find_by(remember_token: remember_token)
else
nil
end
end
BTW. The title is irrelevant with the problem defined in the body.
I am able to create users and sign in, however when I sign out I receive the following (although the session does appear to end):
NoMethodError at /signout
undefined method `update_attribute' for nil:NilClass
This is on the sign_out method in the SessionsHelper, where current_user.update_attribute(...)
Does this mean that current_user is nil? What can I do to fix, this. I'm very new to RoR, thanks.
Here's my SessionsHelper
module SessionsHelper
def sign_in(user)
remember_token = User.new_remember_token
cookies.permanent[:remember_token] = remember_token
user.update_attribute(:remember_token, User.encrypt(remember_token))
self.current_user = user
end
def signed_in?
!current_user.nil?
end
def current_user=(user)
#current_user = user
end
def current_user
remember_token = User.encrypt(cookies[:remember_token])
#current_user ||= User.find_by(remember_token: remember_token)
end
def sign_out
current_user.update_attribute(:remember_token, User.encrypt(User.new_remember_token))
#current_user.update_attribute(:remember_token, User.new_remember_token)
cookies.delete(:remember_token)
self.current_user = nil
end
end
Here's my SessionsController
class SessionsController < ApplicationController
def new
end
def create
user = User.find_by(email: params[:session][:email].downcase)
if user && user.authenticate(params[:session][:password])
sign_in user
redirect_to user
else
flash.now[:error] = 'Invalid email/password combination' #not quite right
render 'new'
end
end
def destroy
sign_out
redirect_to 'signin'
end
end
it would be nice if you told us what the exact circumstances are that you got this error.
it's quite possible you're going to the sign-out page when you're not actually currently signed-in.
In which case - why don't you add "if signed_in?" to your action eg:
def sign_out
return unless signed_in? # you are already signed out
current_user.update_attribute(:remember_token, User.encrypt(User.new_remember_token))
cookies.delete(:remember_token)
self.current_user = nil
end
def destroy
sign_out if signed_in?
redirect_to 'signin'
end
Alternatively - do you have skip_before_action authenticate_user or similar for sign_out?
Again - to sign out, you have to be signed-in... so you can't skip the authentication action for sign-out.
When i sign into the sample app i've made from Hartl's rail tutorial at the end of Chapter 9 i get this error. I've searched high and low but can't figure out what's probably very obvious.
NoMethodError in SessionsController#create
undefined method `current_user=' for #session....
The errors occur in these 2 files, code below
app/helpers/sessions_helper.rb:7:in sign_in'
app/controllers/sessions_controller.rb:9:increate'
app/helpers/sessions_helper
module SessionsHelper
def sign_in(user)
remember_token = User.new_remember_token
cookies.permanent[:remember_token] = remember_token
user.update_attribute(:remember_token, User.encrypt(remember_token))
self.current_user = user
end
def signed_in?
!current_user.nil?
end
def current_user
remember_token = User.encrypt(cookies[:remember_token])
#current_user ||= User.find_by(remember_token: remember_token)
end
def current_user?(user)
user == current_user
end
def sign_out
self.current_user = nil
cookies.delete(:remember_token)
end
def redirect_back_or(default)
redirect_to(session[:return_to] || default)
session.delete(:return_to)
end
def store_location
session[:return_to] = request.url if request.get?
end
end
app/controllers/sessions_controller
class SessionsController < ApplicationController
def new
end
def create
user = User.find_by(email: params[:session][:email].downcase)
if user && user.authenticate(params[:session][:password])
sign_in user
redirect_back_or user
else
flash.now[:error] = 'Invalid email/password combination'
render 'new'
end
end
def destroy
sign_out
redirect_to root_url
end
end
Take a look at listing 8.20 on http://ruby.railstutorial.org/chapters/sign-in-sign-out. It looks like you missed the step of defining the current_user= method
def current_user=(user)
#current_user = user
end