Hi, I am trying to create a user authentication system. Normally the
user authentication system works fine, but now I want to include the
login and logout in the header of the application, so that you can log in
and log out in any part of the application.
This is the weird part of the problem. Let's say I am in articles/
search, then I log in and log out: there is no problem. But when I go to
articles/show I get
Processing GroceriesController#7 (for 192.168.71.2 at 2008-10-07 20:22:14) [POST]
Session ID:
BAh7CDoMY3NyZl9pZCIlZmYyODM1OGM3OGM5ODA5NThhYWM0MDIwMGM0Y2E3
ZDg6DHVzZXJfaWRpByIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxh
c2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7AA==--8a4d25e872b1a1d27e663069f94087a6245f75aa
Parameters: {"authenticity_token"=>"2f8d0d7adeea4495c27d1c045a14675dad7294f8", "action"=>"7", "controller"=>"groceries"}
ActionController::UnknownAction (No action responded to 7):
which does not make sense because the logout link is linked to
the :action :destroy.
Next I try logging out in search and logging in inside :show and
logging out inside :show as well, and everything works.
Here is the layout:
<%= stylesheet_link_tag 'star' %>
<%= javascript_include_tag :defaults, "jquery" %>
<%= yield %>
Partial view “_login_panel.html.erb”:
<%= User.find(session[:user_id]).login %>, you are logged in! ||
<%= link_to_remote "logout", :url => {:controller => 'articles', :action => 'destroy'} %>
<% else %>
<% form_remote_tag :url => {:controller => "articles", :action => "create"} do %>
  Login:
  <%= text_field_tag :login, params[:login] %>
  Password:
  <%= password_field_tag 'password' %>
  Remember me for 2 weeks:
  <%= check_box_tag 'remember_me' %>
  <%= submit_tag 'Log in' %>
<% end -%>
<% end -%>
Articles controller:
class ArticlesController < ApplicationController
  protect_from_forgery :only => [:create, :delete, :update]

  def create
    password_authentication(params[:login], params[:password])
  end

  def rate
    @articles = Article.find(params[:id])
    @articles.rate(params[:stars], User.find(session[:user_id]))
    # some page update here …
    respond_to do |format|
      format.js {
        render :update do |page|
          page.replace_html 'ratingdiv', :partial => 'grocery_with_rating'
        end
      }
    end
  end

  def search
    articles_per_page = 12
    @articles = Article.search params[:query], {:page => params[:page],
                                                :per_page => articles_per_page}
    if request.xml_http_request?
      render :partial => "search", :layout => false
    end
  end

  def show
    @articles = Article.find(params[:id])
    respond_to do |format|
      format.html # index.html.erb
      format.xml { render :xml => @articles }
    end
  end

  def destroy
    self.current_user.forget_me if logged_in?
    cookies.delete :auth_token
    reset_session
    render :update do |page|
      page.replace_html "login_panel", :partial => "login_panel"
    end
  end

  protected

  # Updated 2/20/08
  def password_authentication(login, password)
    user = User.authenticate(login, password)
    if user == nil
      failed_login("Your username or password is incorrect.")
    elsif user.activated_at.blank?
      failed_login("Your account is not active, please check your email for the activation code.")
    elsif user.enabled == false
      failed_login("Your account has been disabled.")
    else
      self.current_user = user
      successful_login
    end
  end

  private

  def failed_login(message)
    flash.now[:error] = message
    render :action => 'new'
  end

  def successful_login
    if params[:remember_me] == "1"
      self.current_user.remember_me
      cookies[:auth_token] = { :value => self.current_user.remember_token,
                               :expires => self.current_user.remember_token_expires_at }
    else
      self.current_user.remember_me2
      cookies[:auth_token] = { :value => self.current_user.remember_token,
                               :expires => self.current_user.remember_token_expires_at }
    end
    flash[:notice] = "Logged in successfully"
    return_to = session[:return_to]
    if return_to.nil?
      render :update do |page|
        page.replace_html "login_panel", :partial => "login_panel"
      end
    else
      redirect_to return_to
    end
  end
end