Reputation: 91
I created a login controller where, once a user is logged in, he will be directed to his home page. As shown below, I'm setting the session variable in the login controller. In the application controller I have current user methods which will check whether a user exists for the currently logged in key. Although I log in successfully, if I later use the 'current_user' method given in ApplicationController, it redirects me to the login page as the current_user is a nil object. Does anyone have any idea as to where I went wrong?
```ruby
class User::Signin::LoginController < ApplicationController
  def login
    render('/login')
  end

  def attempt_login
    @user = User.find_by_email(params[:user][:email])
    if @user && @user.authenticate(params[:user][:password])
      session[:user_id] = @user.id
      flash[:notice] = "You are now logged in"
      if @user.role == 1
        redirect_to controller: '/patient/home', action: 'show', :id => @user.patient_id
      end
      if @user.role == 2
        redirect_to controller: '/doctor/home', action: 'show', :id => @user.doctor_id
      end
      if @user.role == 3
        redirect_to controller: '/staff/home', action: 'show', :id => @user.staff_id
      end
    else
      flash.now[:notice] = "Invalid username/ password combination."
      render 'login/login'
    end
  end

  def logout
    session[:user_id] = nil
    flash[:notice] = 'logged out'
    redirect_to('/login')
  end
end
```
The ApplicationController
```ruby
class ApplicationController < ActionController::Base
  protect_from_forgery
  helper_method :current_user

  def current_user
    @current_user ||= User.find_by_id!(session[:user_id]) if session[:user_id]
  end

  def require_user
    redirect_to '/login' unless current_user
  end

  def require_admin
    redirect_to '/login' unless current_user.admin?
  end

  def require_doctor
    redirect_to '/login' unless current_user.doctor?
  end

  def require_patient
    redirect_to '/login' unless current_user.patient?
  end

  def require_staff
    redirect_to '/login' unless current_user.staff?
  end

  private

  def confrim_logged_in
    unless session[:user_id]
      flash[:notice] = "Please log in"
      redirect_to '/login'
    end
  end
end
```
Usage of current_user
```ruby
class Patient::HomeController < ApplicationController
  layout 'patient'
  protect_from_forgery

  def show
    @patient = Patient.find(params[:id])
    @current_user = current_user
    render('patients/home')
  end
end
```
Upvotes: 0
Views: 1232
Reputation: 91
I was able to correct the error by changing from params[:user][:email] to params[:session][:email]. Doing this would cause me to change the view variables accordingly too.
```ruby
def attempt_login
  @user = User.find_by_email(params[:session][:email])
  if @user && @user.authenticate(params[:session][:password])
    session[:user_id] = @user.id
    flash[:notice] = "You are now logged in"
    # other code
  end
end
```
Upvotes: 0
Reputation: 91
Try the below example, hope this helps
```ruby
def attempt_login
  user = User.find_by(email: params[:email])
  if user && user.authenticate(params[:password])
    session[:user_id] = user.id
    flash[:success] = "Logged in Successfully "
    # ROLE CONDITIONS
  else
    flash.now[:danger] = "Email/Password is not matching"
    render 'login/login'
  end
end
```
Upvotes: 0
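The login, `current_user` and role-guard flow from this thread, modelled in plain Ruby as an added example (not code from any of the posts). It shows how a params scope that does not match the form leaves the session empty, and a guard that redirects rather than raises when `current_user` is nil. `User`, `USERS`, `kdf`, `make_user` and `require_role` are hypothetical names, the `:session` scope follows the first answer, and all data is constructed.

```ruby
require 'openssl'

# Added illustration: User, USERS and the helpers below are hypothetical
# stand-ins for the thread's model and controllers; all data is constructed.
def kdf(password, salt)
  # Low iteration count keeps the demo fast; it is not a production setting.
  OpenSSL::PKCS5.pbkdf2_hmac(password, salt, 10_000, 32, OpenSSL::Digest.new('SHA256'))
end

User = Struct.new(:id, :email, :role, :salt, :digest) do
  def authenticate(password)
    OpenSSL.fixed_length_secure_compare(kdf(password, salt), digest) ? self : false
  end
end

def make_user(id, email, role, password)
  salt = OpenSSL::Random.random_bytes(16)
  User.new(id, email, role, salt, kdf(password, salt))
end

USERS = [make_user(1, 'pat@example.test', 1, 'correct horse')].freeze

# params and session are plain hashes standing in for the Rails objects.
def attempt_login(params, session)
  creds = params[:session] || {}   # must match the scope the form submits
  user = USERS.find { |u| u.email == creds[:email] }
  return :render_login unless user && user.authenticate(creds[:password].to_s)

  session.clear                    # models Rails' reset_session: drop pre-login state
  session[:user_id] = user.id
  :redirect_home
end

# nil when nobody is logged in or the stored id no longer matches a user.
def current_user(session)
  USERS.find { |u| u.id == session[:user_id] }
end

# Safe navigation makes a missing user fail closed instead of raising.
def require_role(session, role)
  current_user(session)&.role == role ? :ok : :redirect_login
end
```

In a Rails controller the `session.clear` line corresponds to calling `reset_session` before assigning `session[:user_id]`.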