Redirects and keeping flash

My code that acts if a session has timed out looks like this:

reset_session
session[:expires_at] = nil

TODO - This flash is never shown, because we redirect maybe?

flash[:error] = ‘Your session has timed out, please login to
continue.’

An attempt to make flash stick around, not working

flash.keep
redirect_to :controller => ‘security’, :action => ‘login’ and return
false

The redirect works fine, but the flash does not. Before I discovered
reset_session I was clearing the keys I didn’t need (e.g.
session[:user_id]) one by one. I believe this showed the flash, but it
doesn’t seem like the best idea if I want to add more to the
authenticated users session (i.e. I may forget to clear out a variable).

Is there any way to fix the above without specifying each and every
variable that needs to be cleared out?

Thanks.

David wrote:

My code that acts if a session has timed out looks like this:

reset_session
session[:expires_at] = nil

TODO - This flash is never shown, because we redirect maybe?

flash[:error] = ‘Your session has timed out, please login to
continue.’

An attempt to make flash stick around, not working

flash.keep
redirect_to :controller => ‘security’, :action => ‘login’ and return
false

The redirect works fine, but the flash does not. Before I discovered
reset_session I was clearing the keys I didn’t need (e.g.
session[:user_id]) one by one. I believe this showed the flash, but it
doesn’t seem like the best idea if I want to add more to the
authenticated users session (i.e. I may forget to clear out a variable).

I have not been able to fix this, but I have made a rather hackish
solution which seems to work in my application.

I believe the actual underlying problem could be caused by this ticket:

http://dev.rubyonrails.org/ticket/5584

To get round this, I have created a method called “clear_session”. All
this does is set session[:deleted] = true. After this, I immediately
redirect to the login form. The first thing the login controller does
is to run:

reset_session if session[:deleted]

This isn’t perfect, but it works in my application and most importantly,
allows the flash to be shown on the login page. When the ticket above
is closed, I’ll just replace my clear_session throughout the code with
reset_session.

If anybody sees any glaring bugs here, please inform me! :slight_smile:

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs