I’m working through a project that is based off the Hartl tutorial. I’ve set up a user authentication model that works…mostly. Users can sign up, but I’m having a problem with the sign_in process. If a user signs out, it’s impossible for them to sign in. I’ve verified that the database is saving the user’s signup information, so the problem is with acknowledging that the user has signed up. I’ve looked at my logs, but they’re unhelpful.
This is what I get:
Started POST "/sessions" for 127.0.0.1 at 2012-04-15 13:56:46 -0500
Processing by SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"itOIPKPrXlymcBujKMu4Xjwvs6GlD3jteBQJf+/mYEY=", "session"=>{"email"=>"tester3@tester3.com", "password"=>"[FILTERED]"}, "commit"=>"Sign in"}
User Load (0.3ms) SELECT `users`.* FROM `users` WHERE `users`.`email` = 'tester3@tester3.com' LIMIT 1
Rendered sessions/new.html.erb within layouts/application (1.6ms)
Rendered layouts/_stylesheets.html.erb (2.0ms)
User Load (0.3ms) SELECT `users`.* FROM `users` WHERE `users`.`id` IS NULL LIMIT 1
CACHE (0.0ms) SELECT `users`.* FROM `users` WHERE `users`.`id` IS NULL LIMIT 1
Rendered layouts/_header.html.erb (3.2ms)
Rendered layouts/_footer.html.erb (0.3ms)
Completed 200 OK in 30ms (Views: 16.1ms | ActiveRecord: 2.6ms)
But what I should see is this.
Started POST "/sessions" for 127.0.0.1 at 2012-04-15 12:50:24 -0500
Processing by SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"h/M5VYBaG16sGiGHTWo26GJSU1/TlMNFjQd5TN1VZ3Y=", "session"=>{"email"=>"tester3@tester3.com", "password"=>"[FILTERED]"}, "commit"=>"Sign in"}
User Load (0.3ms) SELECT `users`.* FROM `users` WHERE `users`.`email` = 'tester3@tester3.com' LIMIT 1
User Load (0.2ms) SELECT `users`.* FROM `users` WHERE `users`.`email` = 'tester3@tester3.com' LIMIT 1
Redirected to http://localhost:3000/users/103
Completed 302 Found in 19ms
My questions are:
What’s the best way to go about troubleshooting this problem?
What are the “obvious” places where I should start looking? I’m using the user authentication code found here and I’ve successfully implemented it in other projects. It’s just this one that’s giving me trouble.
Here’s my authentication code.
    module SessionsHelper
      def sign_in(user)
        cookies.permanent.signed[:remember_token] = [user.id, user.salt]
        self.current_user = user
      end

      def current_user=(user)
        @current_user = user
      end

      def current_user
        @current_user ||= user_from_remember_token
      end

      def signed_in?
        current_user.present?
        p "user signed_in? method called"
        p current_user
      end

      def sign_out
        cookies.delete(:remember_token)
        self.current_user = nil
        p "user has signed out" #Method does NOT get called
      end

      def current_user?(user)
        user == current_user
      end

      def authenticate
        deny_access unless signed_in?
      end

      def deny_access
        store_location
        redirect_to signin_path, :notice => "Please sign in to access this page."
      end

      def redirect_back_or(default)
        redirect_to(session[:return_to] || default)
        clear_return_to
      end

      private

      def user_from_remember_token
        p "Looking user up from the cookie"
        User.authenticate_with_salt(*remember_token)
      end

      def remember_token
        cookies.signed[:remember_token] || [nil, nil]
      end

      def store_location
        session[:return_to] = request.fullpath
      end

      def clear_return_to
        session[:return_to] = nil
      end
    end
You asked for obvious, so here’s obvious…
You could print out the cookie value at the beginning of the action.
You can raise an exception at various points in the action. I like to do this. It’s more reliable than the “p” since printing can go through buffered output. I put info that I would print out into the string for the exception. The development mode also spits out helpful information like params.
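
One way to apply the advice above, as an added example that is not part of the original thread: plain Ruby that checks the sign-in path and the remember-token path stage by stage and raises with the failing stage named. The user record, the `encrypted_password` field, the salted SHA-256 digest and all helper names are constructed assumptions standing in for the real `User` model.

```ruby
require "digest"

# Constructed sample data. The encrypted_password field and the salted
# SHA-256 digest are assumptions standing in for whatever the User model does.
def make_user(id, email, password)
  salt = Digest::SHA256.hexdigest("salt-#{id}")
  { id: id, email: email, salt: salt,
    encrypted_password: Digest::SHA256.hexdigest("#{salt}--#{password}") }
end

USERS = [make_user(103, "tester3@tester3.com", "foobar")]

# Stage 1: the POST /sessions path. Reports which check rejects the sign-in.
def diagnose_sign_in(users, email, password)
  user = users.find { |u| u[:email] == email }
  return :no_such_user if user.nil?
  submitted = Digest::SHA256.hexdigest("#{user[:salt]}--#{password}")
  return :password_mismatch unless submitted == user[:encrypted_password]
  :ok
end

# Stage 2: the cookie path behind current_user. `token` is what
# cookies.signed[:remember_token] || [nil, nil] would return.
def diagnose_remember_token(users, token)
  id, salt = token
  return :no_cookie if id.nil?
  user = users.find { |u| u[:id] == id }
  return :unknown_id if user.nil?
  return :salt_mismatch unless user[:salt] == salt
  :ok
end

# Raise with the failing stage in the message instead of relying on
# buffered `p` output. The password itself is never put in the message.
def assert_sign_in!(users, email, password)
  result = diagnose_sign_in(users, email, password)
  raise "sign-in rejected: #{result} for #{email}" unless result == :ok
  user = users.find { |u| u[:email] == email }
  [user[:id], user[:salt]] # value sign_in would store in the signed cookie
end

if __FILE__ == $PROGRAM_NAME
  p diagnose_sign_in(USERS, "tester3@tester3.com", "wrong")
  p diagnose_remember_token(USERS, [nil, nil])
end
```

A `[nil, nil]` token is what produces the `WHERE users.id IS NULL` lookup seen in the first log.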