Newbie question on usersession

all:
prob a stupid question… new to ruby/rails.

I have a working ruby on rails app on my server. However, i don’t
provide authentication service. (login etc)… In my workplace, there
is a centrally authenticated URL- if ppl go there first, they can get
authenticated. i thought i will put my html start page in this
centrally authenticated place(with a form and hidden param and
redirect to my ruby on rails server).

I however, want to prevent ppl directly using http://myServer/app/main

So,
in my main method, i do this
def controller_main
@user = @params[‘user’]
if (@user == nil)
redirect_to “http://goway.com” # basically send them to some no
accesspl
end
end

This looked good… but the problem is: i have other methods like list
def list

This lists all my data

#here my check for @user always returns nil. Why?
end

Only main method gets access to the html hidden param ‘user’. i dont
know why storing it in @user does not work (i thought its instance
variable).

madmax wrote:

all:
prob a stupid question… new to ruby/rails.

I however, want to prevent ppl directly using http://myServer/app/main

So,
in my main method, i do this
def controller_main
@user = @params[‘user’]
if (@user == nil)
redirect_to “http://goway.com” # basically send them to some no
accesspl
end
end

This looked good… but the problem is: i have other methods like list
def list

This lists all my data

#here my check for @user always returns nil. Why?
end

You need a before_filter in you application.rb to ensure that this @user
object gets created on every request. Instance variables in the
controller only exist for the length of one request, and then die.

#application.rb
class ApplicationController < ActionController::Base
before_filter :authenticate
def authenticate
@user = @params[‘user’]
redirect_to login_url unless @user
end
end

Thanks for your reply. It still does not work for me.
It only works on access to my main page (since the html redirect is
passing a hidden param).
in the login server, my html page content is like this

---------------------

once my main page is loaded - http://myServer/app/main , in that
main.rhtml, i have link defined like below.
<%= link_to “(Show all Books)”,
:controller => “app”,
:action => “list” %>

now, clicking on link, redirects me to login page (even though i did
come from that)…
so the authenticate method stores the @user = @params[‘user’]… but it
also seems to lose it

the way i solved is using session[:user] = @params[‘user’]

and in other methods i just use the value of session[:user]

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs