ApplicationController

andreas · November 3, 2006, 10:52am

Hi all,

perhaps I am on the wrong path - because I come from the ASP world

I want that my app checks on every page if my user is logged in or not.
I have 2 cookies set in my signin process - which works great.
now I want to set a global var if a user is logged in or not
I do that in the application controller

class ApplicationController < ActionController::Base

$login_user_id = cookies[:user_id]
$login_user_sid = cookies[:user_sid]
if $login_user_id != ""
  $login_ok = true
else
  $login_ok = false
end

end

but this will not work - he cant access the cookies

error >> undefined local variable or method `cookies’ for
ApplicationController:Class

what I am doing wrong?

thanks for any help in my path to escape the MS ASP world
andreas

andreas · November 3, 2006, 11:07am

got it:

before_filter :check_user_login is my friend

andreas · November 3, 2006, 11:40am

it seams that I dont get it

this is my code
class ApplicationController < ActionController::Base

before_filter :check_user_login

def check_user_login
#auto login the user if cookie is set

$login_user_id = cookies[:user_id]
$login_user_sid = cookies[:user_sid]

if cookies[:user_id]
  $login_ok = true
else
  $login_ok = false
end

end

but now it says all the time

“Filter chain halted as [check_user_login] returned false”

I think I dont get the whole thing here, can anybody point me in the
right direction? I only want to set my global vars if a cookie is set or
not

thanks for any help
andreas

andreas · November 3, 2006, 11:45am

Andreas S. wrote:

class ApplicationController < ActionController::Base

before_filter :check_user_login

def check_user_login
#auto login the user if cookie is set
$login_user_id = cookies[:user_id]
$login_user_sid = cookies[:user_sid]

if cookies[:user_id]
  $login_ok = true
else
  $login_ok = false
end
end

end

but now it says all the time

“Filter chain halted as [check_user_login] returned false”

check_user_login dosn’t return true. Return true, if the check is OK.

Besides, why do you want to store the successful authentication of the
user i a global varibale? Why not use the session hash?

andreas · November 3, 2006, 11:57am

oh great, thanks lutz!

I am pretty new to RoR - and sometimes I think I still code ASP but
using RoR syntax - when I look at the oder code examples - I feel far
away from “aaaah, I get it!”. Most of the time I can’t find things in
the Api references - it is a bit complicated to find things here. I also
ask myself why to use classes? My code looks like asp classic I hope
this will change over the next weeks and month.

your idea about the session is good - I read about sessions and that
they can store complete objects.

thanks again
-Andreas

Lutz H. wrote:

Andreas S. wrote:
class ApplicationController < ActionController::Base

before_filter :check_user_login

def check_user_login
#auto login the user if cookie is set
$login_user_id = cookies[:user_id]
$login_user_sid = cookies[:user_sid]

if cookies[:user_id]
  $login_ok = true
else
  $login_ok = false
end
end

end

but now it says all the time

“Filter chain halted as [check_user_login] returned false”
check_user_login dosn’t return true. Return true, if the check is OK.

Besides, why do you want to store the successful authentication of the
user i a global varibale? Why not use the session hash?

andreas · November 4, 2006, 9:09pm

Alex, thanks for this great answer!

I wonder why a global var is for all users that are on the server???
why that? I am speachless!
Did I understand you correctly that my global var $login_ok is avail. to
ALL users on the server? my god! Is there perhaps a special book for ASP
to Rails switchers - this is all too new for me.

I now have a session var with my user_id - but I still need to rewrite
all my code when I dont want to use $login_ok.

Rails is for me so complicated - and all the files and folders - I get
mad - its a hard way for me - asp is much easier - all in one file an
done. now i have a controler - a rhtml file - a _form file and some more
files. I am using textmate to code - sometimes I sit in front of my
screen 1 minute and must think in which file the peace of code is that i
want to change

andreas

andreas · November 4, 2006, 9:16pm

Andreas S. wrote:

Alex, thanks for this great answer!

I wonder why a global var is for all users that are on the server???
why that? I am speachless!
Did I understand you correctly that my global var $login_ok is avail. to
ALL users on the server? my god! Is there perhaps a special book for ASP
to Rails switchers - this is all too new for me.

I now have a session var with my user_id - but I still need to rewrite
all my code when I dont want to use $login_ok.

Rails is for me so complicated - and all the files and folders - I get
mad - its a hard way for me - asp is much easier - all in one file an
done. now i have a controler - a rhtml file - a _form file and some more
files. I am using textmate to code - sometimes I sit in front of my
screen 1 minute and must think in which file the peace of code is that i
want to change

andreas

Since rails is written in ruby, it follows the laws of the language.
And ruby itself knows nothing of users or websites.

In ruby a global variable is simply a variable of global scope, meaning
it can be accessed from anywhere in the running application exactly the
same way. In a multi user environment, you obviously don’t want to
store user data that way.

I recommend getting the ruby pickaxe, officially titled “Programming
Ruby”. It will get you off the ground with ruby, so you get off the
ground with rails.

andreas · November 4, 2006, 9:24pm

well, this book is beside me on my desk - but I think I dont get whats
ruby and what is rails when I type in commands like walking through fog.
it is also not easy for me to find things in the api docs

btw. I now have removed the global var $login_ok and it works fantastic
like you wrote above.

thanks, alex

andreas · November 4, 2006, 10:45pm

Ruby is the programming language, Rails is a framework written in rails
for doing web applications.

The directory structure may seem a little strange, this is because rails
enforces the MVC (model view controller) pattern. This should help you
keep things maintainable, whereas having everything in one file can get
out of hand

The naming patterns mean that is also not hard to guess which files
something is in (and textmate has plenty of handy key combos for quickly
switching to other files).

Fred

andreas · November 4, 2006, 8:31am

Andreas S. wrote:

oh great, thanks lutz!

I am pretty new to RoR - and sometimes I think I still code ASP but
using RoR syntax - when I look at the oder code examples - I feel far
away from “aaaah, I get it!”. Most of the time I can’t find things in
the Api references - it is a bit complicated to find things here. I also
ask myself why to use classes? My code looks like asp classic I hope
this will change over the next weeks and month.

your idea about the session is good - I read about sessions and that
they can store complete objects.

thanks again
-Andreas

Firstly, if a filter explicitly returns a “false” value than rails
thinks you want to abort the processing of the action and halts
execution. When there is no cookie the last statement executed in the
filter method is:

$login_ok = false

and assigments always return the new value. So the filter itself
returns false.

Second, global variables will get you in trouble. If more than one
person at a time is using your app, the globals variable could have to
wrong values since they are global for all users in you app. This is
further complicated that most production rails sites runs multiple
server processes, each with it own global environment, and which process
serves the request is mostly random.

And for the most part, for ruby in general, embrace scope and simply
don’t use globals. Unless you have a very good reason.

Third, as mentioned, this is what sessions are for. You can store
entire record objects in the session but its not recomended since they
may become stale since they are not tied to the database without being
explicitly refreshed. It’s better to simply fetch a fresh objet on each
requet with a before_filter.

Here is how I would handle it:

before_filter :get_user

def get_user
session[:user_id] ||= cookies[:user_id]
session[:user_sid] ||= cookies[:user_sid]

@user = User.find_by_id(session[:user_id])

end

The cookies are fetched only if session[:user_id] is nil, meaning if you
assign a user_id another way, the potentially missing cookie values wont
overwrite them.

Then we create an instance variable for the user. Using find_by_id
instead of just “find” prevents a record not found error, and simply
returns nil instead if the record doesn’t exist.

Then if someone is logged in, @user is a User object for that person.
And if no one is logged in, @user is nil. And @user is accessible in
all controllers and views. This lets you do simple things like:

def index
if @user
redirect_to :action => ‘show’, :id => @user
else
redirect_to :action => ‘signup’
end
end

or

<% if @user %>
<%= link_to ‘Logout’, :action = ‘logout’ %>
<% else %>
<%= link_to ‘Login’, :action => ‘login’ %>
<% end %>

andreas · November 5, 2006, 6:06am

Frederick C. wrote:

Ruby is the programming language, Rails is a framework written in rails
for doing web applications.

I hate to be a scooch, but I don’t want Andreas to get more confused …

Ruby is a programming language, and Rails is a framework written in Ruby
for creating web applications.

andreas · November 5, 2006, 1:04pm

Eek, brain was on automatic. Sorry for any confusion caused.

Fred

andreas · November 7, 2006, 10:57am

Andreas S. wrote:

but this will not work - he cant access the cookies

error >> undefined local variable or method `cookies’ for
ApplicationController:Class

what I am doing wrong?

thanks for any help in my path to escape the MS ASP world
andreas

Hey

You could write an action that just checks those cookies…

class ApplicationController < ActionController::Base

def login_ok?
!cookies[:user_id].blank?
end

end

Then in some other action in say, your store_controller? use

def show_store
if login_ok?
render :layout => ‘store’
else
flash[:warning] = ‘not allowed there!’
redirect_to :action => ‘not_allowed’
end
end

Or something similar, I’m not very big on cookies, but
this seems like it should work :]

Cheery-o
Gustav P.
[email protected]

andreas · November 7, 2006, 10:58am

I am pretty new to RoR - and sometimes I think I still code ASP but
using RoR syntax - when I look at the oder code examples - I feel far
away from “aaaah, I get it!”. Most of the time I can’t find things in
the Api references - it is a bit complicated to find things here. I also
ask myself why to use classes? My code looks like asp classic I hope
this will change over the next weeks and month.

I’m coming to this thread late, but I just wanted to add that one the
things that comes up often for us former Microsoft developers, is
translating our old way of thinking about web site programming into the
Rails way. For example, some ASP developers look for an equivalent to
the ASP Application object and think that ApplicationController is the
equivalent, or using global variables are equivalent, but they are not.

So I just wanted to say, don’t give up, keep at it, and pretty soon
you’ll get that “aaah, I get it!” experience. And once you do, you’ll
NEVER want to go back to ASP again.

Jeff