Rails Recipes question - authenticating users

Didn’t think I’d be back so quick with another question but here goes:

In this recipe for the signin or login (as I call it) there are these
two lines if the user authenticates correctly:

session[:user] = user.id
redirect_to :action => session[:intended_action],
:controller => session[:intended_controller]

So I’m not seeing anything in the way of an explanation but reading
the code it looks like there should be a session controller with a
session action . Is that correct ?

Right now I have a sessions table set up, I’ve made the changes in
environment.rb to do sessions via an ActiveRecord store. So the table
was created via the rake::db::sessions command.

I still don’t see how the user logged in reflect in the sessions table.
In the sessions table there is:
id - just an auto-inc column
session_id
data
and updated column
Both session_id and data are hashed columns so I’m not sure what is
inside ?
I guess I’ve asked a few questions here .

TIA
Stuart

Nah,

What the example is doing is trying to take the user to the page they
were attempting to get to before they where forced to logon.

  1. User attempts to go to edit widget page - http://host/widgets/edit/1

  2. Edit widget page is secured by some authentication code, so it
    redirects you to the login page (but storing in the session the page you
    actualy wanted to go to)

  3. User logs on, and after logging on redirects the user back to the
    page they had requested back at the start.

‘session’ is a variable, a hash to be more precise.

Get me the value from the hash for the key called ‘intended_action’

session[:intended_action] → ‘edit’

session[:intended_controller] → ‘widgets’

Where as session[:user] = user.id mean put an object in the session with
a key of ‘user’

Hope this helps,

Martin

On Mon, 2006-08-07 at 11:03 -0600, Dark A. wrote:

the code it looks like there should be a session controller with a
data
and updated column
Both session_id and data are hashed columns so I’m not sure what is inside ?
I guess I’ve asked a few questions here .


why not just add <%= session debug %> into one of your views to see what
is stored in the hash?

Craig

Rails handles session management for you, you don’t need to create your
own
table. You get the session object for free.

On 8/7/06, Jim L. [email protected] wrote:

Rails handles session management for you, you don’t need to create your own
table. You get the session object for free.


Rails mailing list
[email protected]
http://lists.rubyonrails.org/mailman/listinfo/rails

session[:intended_controller] and such represent the session hash.
This data is held with the session object. It will not have a database
field for each element of the hash. You will have to set these values
somewhere in your code.

On 8/7/06, Jim L. [email protected] wrote:

Rails handles session management for you, you don’t need to create your
own table. You get the session object for free.

Additional info - Rails gives you these objects:

session
cookie
params
request
flash
logger

and a few others that I am sure I’m forgetting.

You don’t have to set those up, although you can configure them in
different
ways. So, don’t create a session controller. What you ran with rake was
to
convert the sessions from being saved on the filesystem to being saved
in
the DB. You don’t need to access that table directly. Just work with the
object.

I didn’t create my own table, I used rake:create:session:db.
Is that all I need ?

Stuart

K…that helps…thank you !

Stuart

Sorry, I’ll re-read awdwr on sessions but what do you mean set those
values somewhere in my code ?

Stuart