Home/ Questions/Q 5960261
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-22T18:48:07+00:00

Controller Call user = User.authenticate(params[:session][:email], params[:session][:password]) Authenticate Method in user.rb class << self def

  • 0

Controller Call

user = User.authenticate(params[:session][:email],
                         params[:session][:password])

Authenticate Method in user.rb

class << self
   def authenticate(email, submitted_password)
      user = find_by_email(email)
      user && user.has_password?(submitted_password) ? user : nil
      #return nil if user.nil?
      #return user if user.has_password?(submitted_password)
   end
end

I’ve been looking at some example rails code and I’m a little confused by this. I understand that it’s calling the authenticate method on the user object and then sending in an email and password values, but what is the :session symbol for? I look all through the code to find it, but I can’t seem to figure it out. I don’t see a method named session or anything.

Also, when the user actually uses the program, they only give a value for email and password, nothing for session. Not really sure what it’s doing.

I’m asking this because it seems like some “rails general practice” type of thing. However I might be wrong and am not providing enough information. Please let me know if I have not.

Lastly, the Class << self, that is just there to define that the User object is being created in that class correct?

Thanks for the help in advance! (Also I know the moderators are going to edit this to fix my code block, if you guys could tell me what I’m doing wrong and how to fix it, I’d appreciate it!)

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Alright, there’s about 50 different questions there, but let’s see how we go.

    First: the params method returns a list of parameters received by your controller’s action. These are often (99%) sent through by the request, but also can be set by middleware. These two parameters, params[:session][:email] and params[:session][:password]are coming through like that because on the page before hand you’ve defined a text_field like this (I’m guessing):

     <%= text_field "session", "email" %>

    The first argument to this method tells Rails what object to operate on, namely a @session (or @user_session) object (which is not the same as the session object you may see in controllers). The second argument gives a special, unique name to this field. In this case, it’s email. Because it’s been defined like this, it will be passed back to the controller as params[:session][:email] and not simply params[:email]. It is done this way so that you can differentiate different fields which may send back similarly named values.

    That should answer what session is. The :session “thing” itself is actually a symbol. If you’ve done some reading about Ruby you would know what they are.

    Finally: the class << self ‘special sauce’ is actually defining a class-level method for the class that it’s in. You could also define this by doing it this way:

    def self.authenticate(arguments)
  # code goes here
end

    Some people prefer class << self as it allows you to group class methods into a big block of them, but others prefer the explicit statement of def self.method (there’s even some who do def SomeClass.method! Don’t listen to them…). It’s up to you what path you choose here.

    Okay, so my estimate of 50 questions was a little off (by 48) but I think this should help you understand some things. If you’re still confused, see a doctor or read a Rails book.

    • 0