1

Learning Rails development and would usually prefer to search out an answer than waste people's time, but this has been doing my head in all night.

Essentially I'm trying to present user-dependent views à la GitHub etc.

I'm trying to follow the instructions laid out here: http://collectiveidea.com/blog/archives/2011/05/31/user-centric-routing-in-rails-3/

My authentication at the moment is from the railscast "Authentication from Scratch - revised" which uses sessions, my sessions_controller.rb:

```ruby
class SessionsController < ApplicationController
  def new
  end

  def create
    user = User.find_by_email(params[:email])
    if user && user.authenticate(params[:password])
      session[:user_id] = user.id
      redirect_to root_url, notice: "Logged in!"
    else
      flash.now.alert = "Email or password is invalid"
      render "new"
    end
  end

  def destroy
    session[:user_id] = nil
    redirect_to root_url, notice: "Logged out!"
  end
end
```

And my routes.rb:

```ruby
C::Application.routes.draw do

  root :to => "static_pages#home", :constraints => LoggedInConstraint.new(false)
  root :to => "users#show", :constraints => LoggedInConstraint.new(true)

  resources :users
  resources :sessions
```

As per my understanding, because I'm not using cookies the final comment under that blog post recommends using request.session[:your_key] in place of request.cookies.key?("user_token"), however when logged in I am still taken to static_pages#home? If anyone could shed some light on the topic I would very much appreciate it.

I also apologise for any formatting errors etc, this is my first question on Stack Overflow.

Thanks again!

4

1 Answer

1

Not sure what your exact problem is, but I just did something similar, so maybe my code will help you:

My routes:

```ruby
# Excerpt from config/routes.rb
require File.expand_path("../../lib/role_constraint", __FILE__)

MyApp::Application.routes.draw do
  mount Resque::Server, :at => "/resque", :constraints => RoleConstraint.new('admin')
  ...
  ...
  ...
```

My constraint:

```ruby
# lib/role_constraint.rb
class RoleConstraint < Struct.new(:value)
  def matches?(request)
    request.session[:role] == value
  end
end
```

My sessions controller:

```ruby
# app/controllers/sessions_controller.rb
class SessionsController < ApplicationController
  before_filter :require_user, :only => :destroy
  def new
  end

  def create
    user = User.find_by_username(params[:username])
    if user && user.authenticate(params[:password])
      session[:user_id] = user.id

      # Just for /resque
      # Not secure - if you change a user's role, it will not be updated here
      # until they log out and log in again.
      session[:role] = user.role

      if user.email.nil?
        redirect_to user, :notice => "Please add your email address to your account"
      else
        redirect_to root_url, :notice => "Logged in!"
      end
    else
      flash.now.alert = "Invalid email or password"
      render "new"
    end
  end

  def destroy
    session[:user_id] = nil
    session[:current_project_id] = nil
    redirect_to root_url, :notice => "Logged out!"
  end
end
```
answered 2012-05-17T19:46:08.570
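The stale-role caveat noted in the answer's code comment, next to a session-based logged-in check of the kind the question asks about, as an added example that is not part of the original question or answer. `FakeRequest`, `USERS`, `find_user`, `CachedRoleConstraint` and `LiveRoleConstraint` are hypothetical names, and this `LoggedInConstraint` body is an assumption rather than the blog post's class; the stand-ins let it run without Rails.

```ruby
# Added example. FakeRequest, USERS and find_user are constructed stand-ins
# so the constraints can run without Rails.
FakeRequest = Struct.new(:session) # plays the role of the Rails request
User = Struct.new(:id, :role)
USERS = {}                         # constructed in-memory "users table"

# Hypothetical finder; a Rails app would query the User model here.
def find_user(id)
  USERS[id]
end

# Session-based logged-in check: true when session[:user_id] is set.
class LoggedInConstraint < Struct.new(:value)
  def matches?(request)
    logged_in = !request.session[:user_id].nil?
    logged_in == value
  end
end

# The answer's approach: trusts the role copied into the session at login.
class CachedRoleConstraint < Struct.new(:value)
  def matches?(request)
    request.session[:role] == value
  end
end

# Reads the role from the user record on every request instead.
class LiveRoleConstraint < Struct.new(:value)
  def matches?(request)
    user = find_user(request.session[:user_id])
    !user.nil? && user.role == value
  end
end

# Constructed scenario: an admin logs in and is demoted while the session lives on.
def demo
  USERS[1] = User.new(1, "admin")
  request = FakeRequest.new({ user_id: 1, role: "admin" }) # as stored at login
  USERS[1].role = "member"                                 # role changed later
  {
    anonymous: LoggedInConstraint.new(false).matches?(FakeRequest.new({})),
    logged_in: LoggedInConstraint.new(true).matches?(request),
    cached:    CachedRoleConstraint.new("admin").matches?(request),
    live:      LiveRoleConstraint.new("admin").matches?(request),
  }
end

p demo if __FILE__ == $PROGRAM_NAME
```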