Pulling information out of the session in the view

Hi, I’m setting up a basic user authentication system and I don’t know
how to use the information that gets loaded into the session once a user
logs in. The session is session[:user], which I believe contains all of
the user information. I created a little shortcut for session[:user]
like this:

def current_user
session[:user]
end

in my application.rb.

How do I call individual pieces of information out of that in my view?
Like if I wanted to display the current user’s username somewhere?

Let me know if more information is needed, but I assume this is kind of
a generic thing.

Thanks so much!

Dave A. wrote:

Hi, I’m setting up a basic user authentication system and I don’t know
how to use the information that gets loaded into the session once a user
logs in. The session is session[:user], which I believe contains all of
the user information. I created a little shortcut for session[:user]
like this:

def current_user
session[:user]
end

in my application.rb.

How do I call individual pieces of information out of that in my view?
Like if I wanted to display the current user’s username somewhere?

Let me know if more information is needed, but I assume this is kind of
a generic thing.

Thanks so much!

In a view you can just do:

<%= session[:user].username %>

And if you add to your application.rb that has the current_user method
in it:

helper_method :current_user

Then your current_user method will be available in the view:

<%= current_user.username %>

Thanks, it works great. I knew it was something simple like that. I
have a follow-up, though. I’d like to insert current_user.login (the
name of the user) into a form when a user creates a recipe (it’s recipe
site I’m building). Here’s what I have now, but it doesn’t work:

<%= text_field ‘recipe’, ‘username’, current_user.login %>

Also, how do I make the text field hidden to the user, so they don’t
even see that it’s being recorded under their name; it just does it
automatically?

Once again, I’m sure this is simple, but this is my first time doing any
sort of serious programming or web development, so little help like this
goes a long way for me. :slight_smile:

Thanks again!!

Dave

Alex W. wrote:

Dave A. wrote:

Hi, I’m setting up a basic user authentication system and I don’t know
how to use the information that gets loaded into the session once a user
logs in. The session is session[:user], which I believe contains all of
the user information. I created a little shortcut for session[:user]
like this:

def current_user
session[:user]
end

in my application.rb.

How do I call individual pieces of information out of that in my view?
Like if I wanted to display the current user’s username somewhere?

Let me know if more information is needed, but I assume this is kind of
a generic thing.

Thanks so much!

In a view you can just do:

<%= session[:user].username %>

And if you add to your application.rb that has the current_user method
in it:

helper_method :current_user

Then your current_user method will be available in the view:

<%= current_user.username %>

Nevermind, I answered my own question:

<%= hidden_field ‘recipe’, ‘username’, :value => current_user.login %>

Dave A. wrote:

Nevermind, I answered my own question:

<%= hidden_field ‘recipe’, ‘username’, :value => current_user.login %>

A better way would be to do this on your new Recipe object in the
controller of the “new” action.

def new
@recipe = Recipe.new(:username => current_user.login)
end

Now any form helper will automatically have this as its value, because
the object its references has that value:

<%= hidden_field ‘recipe’, ‘username’ %>

well i would suggest not to use a hidden field here …
you can always identify the user adding a recipe though his session, as
shown in your first question.
so why add the name to the form?

  1. It’s prone for abuse by manipulating the sent username in the POST
    arguments of the request
    (not such a big deal in a recipe app i guess, but bad nonetheless
  2. to prevent this, you have to check if the sent username is the
    username of the user currently logged in.
    so why add it to the form at all?

@recipe = Recipe.new(params[:recipe]
@recipe.user_id = current_user.id
@recipe.username = current_user.login
@recipe.save

  • i added the user’s id as it should be added for Model Relationships
  • adding the username was therefore useless but i did it nonetheless.