Forum: Ruby on Rails Problem with params

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Bd3a4af368439803aa37d318f9941a9f?d=identicon&s=25 David (Guest)
on 2006-03-14 00:33
I've got a User model, which holds the following (excerpt):

  def try_to_authenticate
    User.authenticate(self.username, self.password)
  end

  ..

  private
  def self.hash_password(password)
    Digest::SHA1.hexdigest(password)
  end

  def self.authenticate(username, password)
        @user = User.find(:all, :conditions => ["username = ? AND
password = ?",
                         params[:username],
self.hash_password(params[:password]))

        if @user.blank?
          raise "Incorrect username or password"
        end
        # Return the user object we found
        @user
  end

However, when called from my LoginController, like so:

  def login
    if request.get?
      session[:user_id] = nil
      @user = User.new
    else
      @user = User.new(params[:user])
      # TODO: wrap this in a rescue block to handle exception
      authenticated_user = @user.try_to_authenticate
      if authenticated_user
        session[:user_id] = authenticated_user.id
        redirect_to :action => session[:intended_action], :controller =>
session[:intended_controller]
      else
        flash[:notice] = 'Invalid username or password.'
      end
    end
  end

I get an error on the User.find(..) line that there is no such thing as
params[].  I had it working but then I edited/moved the code around, so
can anybody suggest why it now will not search for the user correctly?

Is there a better way to do it?

Cheers.
A2c85dc5ee81b12e3cc0a6522e8d079d?d=identicon&s=25 Chris Hall (Guest)
on 2006-03-14 02:10
(Received via mailing list)
the class method doesn't have access to the params array from the
controller.

just use the passed in method argument names 'username' and 'password'
Bd3a4af368439803aa37d318f9941a9f?d=identicon&s=25 David (Guest)
on 2006-03-14 22:48
Chris Hall wrote:
> the class method doesn't have access to the params array from the
> controller.
>
> just use the passed in method argument names 'username' and 'password'

Thanks Chris, this is perfect.  I hadn't realised that params[] was for
the controller, not the method.  Time to read up more on scope and such
in Ruby :)

David
This topic is locked and can not be replied to.