Forum: Ruby on Rails Using session-type data in an ActiveRecord callback...

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
JSeidel (Guest)
on 2007-05-06 04:47
(Received via mailing list)
Any suggestions on how best to gain access to session-type information
while in an ActiveRecord callback, such as after_save?

I am encrypting some information in the database, using the
generalized encryption/decryption handler in "Agile Web D.
With Rails" (p 375ff).  I got it working, and now I want to reference
a session field (a user PIN) which is NOT stored in the database...
for security reasons.

I can't seem to gain access to the session method:

1. attempting to use session['user']['pin'] gives me an "undefined
variable or method"
2. attempting to use UserController.session['user']['pin'] gives me a
message saying that it's expecting an integer, not a string.

Any ideas as to how to either (1) gain access to the session hash or
(2) provide my own application-wide storage mechanism?

unknown (Guest)
on 2007-05-06 06:23
(Received via mailing list)
I wouldn't do it this way since it kind of muddy's up the controller &
model portions of the MVC.

Instead you should create an function that will set the PIN in the
user model like this.
attr_accessor :pin

Then in your controller just pass it to a user object

user = User.find_by_id(session[:user][:id]) = session[:user][:pin]!

in the Model

     # do whatever with the pin # this will call it now that you have set it

That's the basic gist of it, I haven't tested any of this could but I
hope its clear enough to understand.

hope that helps,
unknown (Guest)
on 2007-05-06 06:25
(Received via mailing list)
oops I meant instead of this

> after_save
>      # do whatever with the pin
> # this will call it now that you have set it
> end

do this

after_save #to call the current user instances pin.
JSeidel (Guest)
on 2007-05-06 08:54
(Received via mailing list)
Very cool, Jim... thank you very much... just the kind of guidance I
was looking for. I'll give it a shot tomorrow.

This topic is locked and can not be replied to.