Before_action infinite loop

musicdenotation · May 2, 2014, 12:20pm

Good afternoon all,

I’m trying to restrict the access to the application to paths like
“localhost:3000/users/1” without a previus login. To do that I have
create
this function:

‘session_controller.rb’

before_action :authorize def authorize if current_user.nil?
redirect_to home_path else redirect_to
user_path(current_user.id) end end

When the ‘current_user’ is nil it entryes to an infinite loop. What I
have
to do to solve this?.

Thanks & Best regards.

Alfredo.

alfa-rero · May 2, 2014, 6:47pm

On Fri, May 2, 2014 at 5:19 AM, Alfredo B. [email protected]
wrote:

if current_user.nil?
  redirect_to home_path
else
  redirect_to user_path(current_user.id)
end
end

When the ‘current_user’ is nil it entryes to an infinite loop. What I have
to do to solve this?.

Without actually seeing the code for what is answering home_path, I’m
going to make a guess that that controller+action is making a call to
the session controller.

alfa-rero · May 2, 2014, 8:00pm

Yes, when the ‘current_user’ is nil ‘home_path’ calls a method from
session
controller. I understand the reason of the loop, but I don´t know how to
fix it

I need this way because when the user is not loged he can’t access
anything
from the application.

Thanks ,

Alfred.

alfa-rero · May 3, 2014, 4:28am

On Fri, May 2, 2014 at 12:59 PM, Alfredo B. [email protected]
wrote:

Yes, when the ‘current_user’ is nil ‘home_path’ calls a method from session
controller. I understand the reason of the loop, but I don´t know how to fix
it

I need this way because when the user is not loged he can’t access anything
from the application.

Remove one or the other, your choice. If your application cannot
handle anonymous users (which is legit thing), don’t send anonymous
users back to the home controller from the point where they have to
log in. What you should most likely be doing is directing them to a
login screen instead.

alfa-rero · May 3, 2014, 7:24am

Hello Alfredo,

Could you please provide where and how the current_user is being
defined.
Are you using an gem for registration/authentication or this is manually
defined code?

Also please share the content of controller which contains the action
‘home’(for home_path) ?

Well, my guess is that either devise(
GitHub - heartcombo/devise: Flexible authentication solution for Rails with Warden.) or sorcery(
GitHub - NoamB/sorcery: Magical authentication for Rails 3 & 4) is being used. If this is the case,
it
is recommended to use following methods provided by these gems.

devise - :authenticate_user! -
GitHub - heartcombo/devise: Flexible authentication solution for Rails with Warden.
sorcery - :require_login -
GitHub - NoamB/sorcery: Magical authentication for Rails 3 & 4
Thanks,
Lauree

alfa-rero · May 3, 2014, 10:03am

On 3 May 2014 03:27, tamouse pontiki [email protected] wrote:

users back to the home controller from the point where they have to
log in. What you should most likely be doing is directing them to a
login screen instead.

Or use :only or :except on the filter to specify that certain methods
do/do not have to have authorisation.

Colin

alfa-rero · May 3, 2014, 2:39pm

On 3 May 2014 13:08, Alfredo B. [email protected] wrote:

Further I have a question. How can I manage ‘strange’ requests that come to
my app like: http://localhost:3000/undefinded

Please quote the previous message when you are replying, it makes it
easier to follow the thread. Thanks.

What do you mean by manage them? What to you want to do?

Colin

alfa-rero · May 3, 2014, 2:09pm

Good afternoon all,

First of all thanks for the answers.

Lauree, I been trying to use ‘devise’ gem but I’m to junior yet, so I’m
using other way to the users login and logout. But thanks for the
advise.

I’m following what Colin said. With this line in the controllers:
before_action
:authorize, only: [:index, :destroy]

Further I have a question. How can I manage ‘strange’ requests that
come
to my app like: http://localhost:3000/undefinded

Thanks!

Alfredo.

alfa-rero · May 3, 2014, 2:54pm

On 3 May 2014 13:41, Alfredo B. [email protected] wrote:

Ok sorry. What I need is to redirect the application in the case a bad request
comes to my application. For example: http://localhost:3000/undefinded

The application have to redirect that request to a page that says something like
“Sorry that page does not exist”.

That is already handled for you. Just edit public/404.html to say
whatever you like.

Colin

alfa-rero · May 3, 2014, 4:07pm

When I type ‘http://localhost:3000/undefinded’ I get this page:
Routing Error

No route matches [GET] “/undefined”

This is a route problem, it is trying to load that path.

Thanks.

Alfredo.

El 03/05/2014, a las 14:51, Colin L. [email protected] escribi:

alfa-rero · May 3, 2014, 4:46pm

On 3 May 2014 15:06, Alfredo B. [email protected] wrote:

When I type ‘http://localhost:3000/undefinded’ I get this page:

Routing Error

No route matches [GET] "/undefined”

I think that is because you are running in development mode. I
think that if you run it in a production environment that
public/404.html will be displayed, but I must admit I am not sure
exactly how this works. Perhaps someone more knowledgeable will add
detail or correct me.

Colin

alfa-rero · May 3, 2014, 2:42pm

Ok sorry. What I need is to redirect the application in the case a bad
request comes to my application. For example:
http://localhost:3000/undefinded

The application have to redirect that request to a page that says
something like “Sorry that page does not exist”.

Thanks

El 03/05/2014, a las 14:37, Colin L. [email protected] escribi:

alfa-rero · May 3, 2014, 8:21pm

Ok! And how can I test the production enviroment?.

Alfredo.

El viernes, 2 de mayo de 2014 12:19:02 UTC+2, Alfredo B. escribió:

alfa-rero · May 3, 2014, 11:02pm

On 3 May 2014 19:19, Alfredo B. [email protected] wrote:

Ok! And how can I test the production enviroment?.

Do you mean how can you run automated tests in the production
environment or do you mean how can you run your app in the production
environment to see whether it functions as described?

Colin

alfa-rero · May 3, 2014, 4:49pm

On May 3, 2014, at 10:43 AM, Colin L. wrote:

exactly how this works. Perhaps someone more knowledgeable will add
detail or correct me.

You are correct. The development mode shows the “developer-friendly”
errors, and the production mode shows the opaque “user-friendly” errors
from the static /public/[nnn].html files. Edit those directly to make
them appear any way you like. Remember, they will be served from the /
root of the server, so any paths to resources need to be relative from
that point.

Walter