Rails Sign_in(user) not working - remember_token - ruby-on-rails

I'm trying to allow my users to sign in and I have narrowed my problem to one method.
in session_helper.rb
def sign_in(user)
remember_token = User.new_remember_token
cookies.permanent[:remember_token] = remember_token
user.update_attribute(:remember_token, User.encrypt(remember_token))
self.current_user = user
end
def signed_in?
!current_user.nil?
end
How do I check what my current column structure is in my database and make fix this issue?
If a user signs in, it gives a positive flash response.
sessions_controller.rb
def new
end
def create
user = User.find_by_email(params[:session][:email])
if user && user.authenticate(params[:session][:password])
sign_in user
flash[:success] = 'Signed in'
redirect_to user
else
flash.now[:error] = 'Invalid email/password combination'
render 'new'
end
end
but it still returns signed_in? as false.
Any ideas?

Related

Rails 4.2 not loading helpers

I'm using Rails 4.2 on a project and the helper doesn't seem to be loading.
I've got a sessions_controller.rb:
class SessionsController < ApplicationController
def new
if signed_in?
redirect_to admin_path
else
render layout: 'login'
end
end
def create
#controller_js = ''
user = User.find_by(email: params[:session][:email].downcase)
if user && user.authenticate(params[:session][:password])
sign_in user
# user.update_attribute(:sign_in_count, user.sign_in_count + 1)
user.update_attribute(:last_login, DateTime.now)
if user.admin?
redirect_to admin_path
else
redirect_to user
end
else
flash.now[:danger] = 'Invalid email/password combination'
render layout: 'login'
end
end
def destroy
sign_out
redirect_to root_url
end
end
And in my SessionsHelper.rb
module SessionsHelper
def sign_in(user)
remember_token = User.new_remember_token
cookies.permanent[:remember_token] = remember_token
user.update_attribute(:remember_token, User.digest(remember_token))
self.current_user = user
end
end
But I get an error which is caused by the SessionsHelper not being loaded.
However when I add the method in the ApplicationController.rb it does work fine.
It seems to be Rails 4.2 issue?
But I'm not sure how to resolve in my case. Any ideas?

How redirect to a sign in page when the user is not authenticated

I want a add in action 'destroy' if/else than user was not logged, his redirect to signin page, but I'm doing wrong.
def destroy
if user.sign_in
sign_out
redirect_to root_url
else
redirect_to signin_path
end
end
helper sessions_helper
def sign_in(user)
remember_token = User.new_remember_token
cookies.permanent[:remember_token] = remember_token
user.update_attribute(:remember_token, User.encrypt(remember_token))
self.current_user = user
end
how fix it?
sorry for my bad English
In the destroy method you call to user.sign_in but in you helper you have this definition sign_in(user) you have to fix that using:
user.sign_in
And creating a method on class User
OR:
sign_in(user)
Passing user as a param with actual method defined.
EDITED
ApplicationController
def sign_in(user)
remember_token = User.new_remember_token
cookies.permanent[:remember_token] = remember_token
user.update_attribute(:remember_token, User.encrypt(remember_token))
self.current_user = user
end
end

Destroying Session when browser closed - Ruby on Rails

I have sign_in page using remember me checkbox.
Remember Me - obviously to remember session forever (with 20 years expiration) unless you will click the log-out button.
The problem is, I can't sign in if I didn't check the remember me.
SessionController:
def create
user = User.find_by(email: params[:email].downcase)
if user && user.authenticate(params[:password])
if params[:remember_me]
sign_in user
redirect_to root_url
else
User.find_by_id(session[:remember_token])
session[:remember_token] = user.id
redirect_to root_url
end
else
flash.now[:danger] = 'Invalid email/password combination'
render 'new'
end
end
SessionHelper
def sign_in(user)
remember_token = User.new_remember_token
cookies.permanent[:remember_token] = remember_token
user.update_attribute(:remember_token, User.encrypt(remember_token))
self.current_user = user
end
def signed_in?
!current_user.nil?
end
def current_user=(user)
#current_user = user
end
def current_user
remember_token = User.encrypt(cookies[:remember_token])
#current_user ||= User.find_by(remember_token: remember_token)
end
def sign_out
self.current_user = nil
cookies.delete(:remember_token)
end
In your create method, you didn't actually mark the user as logged in when the user didn't check the remember me box. It only stores user.id in session[:remember_token].
if user && user.authenticate(params[:password]) # valid email & password
if params[:remember_me] # remember me
sign_in user
redirect_to root_url
else # do not remember me
#User.find_by_id(session[:remember_token]) # this line did nothing
session[:remember_token] = user.id # store user.id in session
redirect_to root_url
end
else
...
end
Your current_user doesn't check user.id in session, but only checks cookies or manual assignment of current_user.
I would rewrite current user like this:
def current_user
if #current_user
#current_user
elsif session[:remember_token]
#current_user ||= User.find_by_id(session[:remember_token])
elsif cookies[:remember_token]
remember_token = User.encrypt(cookies[:remember_token])
#current_user ||= User.find_by(remember_token: remember_token)
else
nil
end
end
BTW. The title is irrelevant with the problem defined in the body.

undefined method `update_attribute' for nil:NilClass

I am able to create users and sign in, however when I sign out I receive the following (although the session does appear to end):
NoMethodError at /signout
undefined method `update_attribute' for nil:NilClass
This is on the sign_out method in the SessionsHelper, where current_user.update_attribute(...)
Does this mean that current_user is nil? What can I do to fix, this. I'm very new to RoR, thanks.
Here's my SessionsHelper
module SessionsHelper
def sign_in(user)
remember_token = User.new_remember_token
cookies.permanent[:remember_token] = remember_token
user.update_attribute(:remember_token, User.encrypt(remember_token))
self.current_user = user
end
def signed_in?
!current_user.nil?
end
def current_user=(user)
#current_user = user
end
def current_user
remember_token = User.encrypt(cookies[:remember_token])
#current_user ||= User.find_by(remember_token: remember_token)
end
def sign_out
current_user.update_attribute(:remember_token, User.encrypt(User.new_remember_token))
#current_user.update_attribute(:remember_token, User.new_remember_token)
cookies.delete(:remember_token)
self.current_user = nil
end
end
Here's my SessionsController
class SessionsController < ApplicationController
def new
end
def create
user = User.find_by(email: params[:session][:email].downcase)
if user && user.authenticate(params[:session][:password])
sign_in user
redirect_to user
else
flash.now[:error] = 'Invalid email/password combination' #not quite right
render 'new'
end
end
def destroy
sign_out
redirect_to 'signin'
end
end
it would be nice if you told us what the exact circumstances are that you got this error.
it's quite possible you're going to the sign-out page when you're not actually currently signed-in.
In which case - why don't you add "if signed_in?" to your action eg:
def sign_out
return unless signed_in? # you are already signed out
current_user.update_attribute(:remember_token, User.encrypt(User.new_remember_token))
cookies.delete(:remember_token)
self.current_user = nil
end
def destroy
sign_out if signed_in?
redirect_to 'signin'
end
Alternatively - do you have skip_before_action authenticate_user or similar for sign_out?
Again - to sign out, you have to be signed-in... so you can't skip the authentication action for sign-out.

NoMethodError in SessionsController#create (undefined method `current_user) Hartl Chapter 9

When i sign into the sample app i've made from Hartl's rail tutorial at the end of Chapter 9 i get this error. I've searched high and low but can't figure out what's probably very obvious.
NoMethodError in SessionsController#create
undefined method `current_user=' for #session....
The errors occur in these 2 files, code below
app/helpers/sessions_helper.rb:7:in sign_in'
app/controllers/sessions_controller.rb:9:increate'
app/helpers/sessions_helper
module SessionsHelper
def sign_in(user)
remember_token = User.new_remember_token
cookies.permanent[:remember_token] = remember_token
user.update_attribute(:remember_token, User.encrypt(remember_token))
self.current_user = user
end
def signed_in?
!current_user.nil?
end
def current_user
remember_token = User.encrypt(cookies[:remember_token])
#current_user ||= User.find_by(remember_token: remember_token)
end
def current_user?(user)
user == current_user
end
def sign_out
self.current_user = nil
cookies.delete(:remember_token)
end
def redirect_back_or(default)
redirect_to(session[:return_to] || default)
session.delete(:return_to)
end
def store_location
session[:return_to] = request.url if request.get?
end
end
app/controllers/sessions_controller
class SessionsController < ApplicationController
def new
end
def create
user = User.find_by(email: params[:session][:email].downcase)
if user && user.authenticate(params[:session][:password])
sign_in user
redirect_back_or user
else
flash.now[:error] = 'Invalid email/password combination'
render 'new'
end
end
def destroy
sign_out
redirect_to root_url
end
end
Take a look at listing 8.20 on http://ruby.railstutorial.org/chapters/sign-in-sign-out. It looks like you missed the step of defining the current_user= method
def current_user=(user)
#current_user = user
end

Resources