Forum: Ruby on Rails "Remembering" link to redirect to after logging in

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Fcdafe495dccc04d27f6dbbcdf54aecc?d=identicon&s=25 Woei Shyang (generik)
on 2006-03-21 11:36
Hi,

Suppose I have a resource such as http://localhost:3000/topsecret/data
that requires the user to login first.

What I did was make use of before_filter to check and see if the session
variable is set with the logged in user's id (similar to the example in
"Agile Web Development with Rails").

However while the filtering function does work correctly in redirecting
the user to the login page, how do I actually capture the original
request made by the user so that I can redirect the user back to the
required resource after s/he has logged in?

Thanks!
F625b891618be8ec32547a07b3192bb0?d=identicon&s=25 Francesc Esplugas (fesplugas)
on 2006-03-21 11:50
(Received via mailing list)
For doing this I usually use a session[]. The user tries to login, and
if
it's not authenticated the authentication method stores the
"intended_controller" in a session[]. Then when the user logs in the
system the login method redirects to the previously intended controller.

Hope that helps,

Francesc

-------------------------------------------------------

##########################################
# The Admin controller
##########################################

   before_filter :authentication

   def authentication
     unless session[:user]
       session[:intended_controller] = '/admin/' + controller_name
       redirect_to :controller => '/account'
     end
   end

#########################################
# The account controller
#########################################

def login
   # Here comes the login code ...
   if # login is successful ...
     redirect_to session[:current_page]
   else
     redirect_to '/account/login'
end

----------------------------------------------------------



--
name. Francesc Esplugas
email. francesc.esplugas@gmail.com
7223c62b7310e164eb79c740188abbda?d=identicon&s=25 Xavier Noria (Guest)
on 2006-03-21 12:02
(Received via mailing list)
On Mar 21, 2006, at 11:36, Woei Shyang wrote:

> redirecting
> the user to the login page, how do I actually capture the original
> request made by the user so that I can redirect the user back to the
> required resource after s/he has logged in?

acts_as_authenticated[*] does this out of the box. However, if you
want to write your own system take a look at the method
redirect_back_or_default here

     http://tinyurl.com/m62y5

-- fxn

[*] http://wiki.rubyonrails.org/rails/pages/Acts_as_au...
Fcdafe495dccc04d27f6dbbcdf54aecc?d=identicon&s=25 Woei Shyang (generik)
on 2006-03-21 12:19
Xavier Noria wrote:
> On Mar 21, 2006, at 11:36, Woei Shyang wrote:
>
>> redirecting
>> the user to the login page, how do I actually capture the original
>> request made by the user so that I can redirect the user back to the
>> required resource after s/he has logged in?
>
> acts_as_authenticated[*] does this out of the box. However, if you
> want to write your own system take a look at the method
> redirect_back_or_default here
>
>      http://tinyurl.com/m62y5
>
> -- fxn
>
> [*] http://wiki.rubyonrails.org/rails/pages/Acts_as_au...

Just curious, is it possible to extend this further such that if the
original request was a HTTP POST, that POST request and with all its
form values could be "repeated" after the user logs in?
B9a732fc30c32098347a0177c75ee27b?d=identicon&s=25 Jeroen Houben (Guest)
on 2006-03-21 12:24
(Received via mailing list)
Woei Shyang wrote:
>>
>>      http://tinyurl.com/m62y5
>>
>> -- fxn
>>
>> [*] http://wiki.rubyonrails.org/rails/pages/Acts_as_au...
>
> Just curious, is it possible to extend this further such that if the
> original request was a HTTP POST, that POST request and with all its
> form values could be "repeated" after the user logs in?

When would you have access to a form but *not* the URL it posts to?

Jeroen
Fcdafe495dccc04d27f6dbbcdf54aecc?d=identicon&s=25 Woei Shyang (generik)
on 2006-03-21 12:40
Jeroen Houben wrote:

> When would you have access to a form but *not* the URL it posts to?
>
> Jeroen

Using ruby-forum as an example, let's say I've clicked on the "reply"
and halfway through a reply I went off elsewhere and hours later I came
back, completed my post, submitted, and realises that my session has
timed out :)
Ddffdd431166f9abb724004bdbe56f8c?d=identicon&s=25 Lucifron (Guest)
on 2006-03-21 12:42
(Received via mailing list)
Jeroen Houben wrote:
> When would you have access to a form but *not* the URL it posts to?
When your session times out while editing the form?

--
View this message in context:
http://www.nabble.com/%22Remembering%22-link-to-re...
Sent from the RubyOnRails Users forum at Nabble.com.
Ddffdd431166f9abb724004bdbe56f8c?d=identicon&s=25 Lucifron (Guest)
on 2006-03-21 13:00
(Received via mailing list)
Woei Shyang wrote:
> However while the filtering function does work correctly in redirecting
> the user to the login page, how do I actually capture the original
> request made by the user so that I can redirect the user back to the
> required resource after s/he has logged in?
>
> Thanks!
See page 130/131 in awdr. There's an example which works by storing
request.parameters in a session variable in your auth filter, then
redirecting to it (or :action => "index", should the session variable be
nil) on successful login.

--
View this message in context:
http://www.nabble.com/%22Remembering%22-link-to-re...
Sent from the RubyOnRails Users forum at Nabble.com.
B9a732fc30c32098347a0177c75ee27b?d=identicon&s=25 Jeroen Houben (Guest)
on 2006-03-21 13:44
(Received via mailing list)
Lucifron wrote:
>>
>> However while the filtering function does work correctly in redirecting
>> the user to the login page, how do I actually capture the original
>> request made by the user so that I can redirect the user back to the
>> required resource after s/he has logged in?
>>
>> Thanks!
> See page 130/131 in awdr. There's an example which works by storing
> request.parameters in a session variable in your auth filter, then
> redirecting to it (or :action => "index", should the session variable be
> nil) on successful login.

I'm not sure about storing it in the session. It may well work just
fine, but I just use a hidden form field to remember the original
request URI because I think storing stuff like that in the session is
going to backfire sooner or later. But maybe I'm just being conservative
;-)

Jeroen
B9a732fc30c32098347a0177c75ee27b?d=identicon&s=25 Jeroen Houben (Guest)
on 2006-03-21 13:49
(Received via mailing list)
Lucifron wrote:
>
> Jeroen Houben wrote:
>> When would you have access to a form but *not* the URL it posts to?
> When your session times out while editing the form?

Yes that's indeed a valid scenario. It's a rare case though so I
wouldn't write any code to handle such a rare case, but that's just my
opinion of course :-)

Jeroen
Fcdafe495dccc04d27f6dbbcdf54aecc?d=identicon&s=25 Woei Shyang (generik)
on 2006-03-21 14:25
Jeroen Houben wrote:
> Lucifron wrote:
> Yes that's indeed a valid scenario. It's a rare case though so I
> wouldn't write any code to handle such a rare case, but that's just my
> opinion of course :-)
>
> Jeroen

Heh that's true, it's nothing serious, I'm just doing it cos I want to
figure out how it is done.

Ironically it turned out that the solution I hacked out was similar to
the one in AWDWR but I keep getting an error.

undefined method `stringify_keys!' for
"usernameasd1lock_version0password":String

What I did was log in, go to a scaffold page to display an edit form,
log out, and then submit the edited form. Sure enough I got redirected
to the login form, but after I logged on it spit out that error.

What's funnier is the parameters got completely borked

Parameters: {"user"=>"usernameasd1lock_version0password",
"commit"=>"Edit", "id"=>"3"}

(the username was asd1 and the rest and pretty self explainatory)

What went wrong here?

:/
Ad7805c9fcc1f13efc6ed11251a6c4d2?d=identicon&s=25 Alex Young (Guest)
on 2006-03-21 14:32
(Received via mailing list)
Woei Shyang wrote:
> What's funnier is the parameters got completely borked
>
> Parameters: {"user"=>"usernameasd1lock_version0password",
> "commit"=>"Edit", "id"=>"3"}
>
> (the username was asd1 and the rest and pretty self explainatory)
>
> What went wrong here?
Looks like a hash got flattened to a string.

{:a => '1', :b => '2'}.to_s ==> 'a1b2'

You're not doing an <%= @params %> (or something to that effect) in a
hidden field in your login form, are you?
Fcdafe495dccc04d27f6dbbcdf54aecc?d=identicon&s=25 Woei Shyang (Guest)
on 2006-03-21 22:12
Alex Young wrote:
> Woei Shyang wrote:
>> What's funnier is the parameters got completely borked
>>
>> Parameters: {"user"=>"usernameasd1lock_version0password",
>> "commit"=>"Edit", "id"=>"3"}
>>
>> (the username was asd1 and the rest and pretty self explainatory)
>>
>> What went wrong here?
> Looks like a hash got flattened to a string.
>
> {:a => '1', :b => '2'}.to_s ==> 'a1b2'
>
> You're not doing an <%= @params %> (or something to that effect) in a
> hidden field in your login form, are you?

Nope, what I did was to store request.parameters into a session variable
when the user is redirected and then attempt to do a redirect to that
stored hash value when the user has logged in.

Any chance that when I did the assignment to the session variable that
Ruby somehow casted the hash into a string?
Ad7805c9fcc1f13efc6ed11251a6c4d2?d=identicon&s=25 Alex Young (Guest)
on 2006-03-22 10:07
(Received via mailing list)
Woei Shyang wrote:
> Any chance that when I did the assignment to the session variable that
> Ruby somehow casted the hash into a string?
>
That'd be my guess, but I haven't the code here to check.  You could
try:

	session[:forward] = YAML::dump(params)

and then:

	redirect_to YAML::load(session[:forward])

or something along those lines.  There may well be a slicker way, but
that should, at least, stop string casting from getting in the way.

--
Alex
This topic is locked and can not be replied to.