I have a two part question.
First just wondering if anyone out there has any good Remember Me login
coding example or tutorials? I found one that is a couple years old and
it seems like if should work for a rails 2.0 application but I won’t
know until I try.
Second, the code example that I did find and am intergrating has a
couple lines that are just confusing. In this example the user logins
and if the remember me check box is checked this bit of code is
executed:
Controller code for login
@session[:user].remember_me
cookies[:auth_token] = { :value => @session[:user].remember_token ,
:expires =>
@session[:user].remember_token_expires }
Then, theoretically you close down the browser and the next time you
open it and navigate to my website you should be automatically logged
in.
The issue that I have - and I think this is because I am not
understanding the ruby code - is, in the remember_me method of the User
model I have this bit of code:
self.remember_token = Digest::SHA1.hexdigest("#{salt}–#{self.email}–#
{self.remember_token_expires}")
and this bit of code in the ApplicationController
user = User.find_by_remember_token(cookies[:auth_token])
When I save the value for the remember_token I don’t see how I am going
to be able to find that value in the database with the
find_by_remember_token because of the odd syntax used in the hexdigest
method.
If the cookie has has a :value => ‘…’ and a :expires => ‘…’, how is
the find_by_remember_token going to work when the remember_token is
encrypted by saying
“#{salt}–#{self.email}–#{self.remember_token_expires}”? It just
doesn’t seem to me that the encrypted info and the cookie would be the
same in the end and that I would therefore not be able to find anything
by the User.find_by_remember_token.
Not sure if this makes sense, I just didn’t want to get to far into this
project without fully understanding what is going on. Thanks,
-S