Home/ Questions/Q 483687
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T01:13:23+00:00

I’m using Restful Authentication and I’d like to be able to log in as

  • 0

I’m using Restful Authentication and I’d like to be able to log in as different users on our site to investigate issues they may be having (“see what they see”). Since all passwords are encrypted I obviously can’t just use their passwords.

So, how can I force a session to be logged in as a specific user?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    • In your sessions_controller add action impersonate like this:

      def impersonate
  user = User.find(params[:id])
  logout_killing_session!
  self.current_user = user
  flash[:notice] = t(:logged_in)
  redirect_to root_url
end

    • Then in your routes extend session resource with the member impersonate:

      map.resource :session, :member => {:impersonate => :post}

    • Finally, somewhere in your admin views add a button to each user called “Impersonate”. It will have to look something like this (assuming that user is in local variable user):

      <%= button_to "Impersonate", impersonate_session_path(:id => user.id) %>

    Using this approach you also avoid overriding any tracking data such as time of the last login, etc.

    P.S. Don’t forget to require admin for impersonate action in sessions controller.

    • 0