Before_action infinite loop

76 views
Skip to first unread message

Alfredo Barrero

unread,
May 2, 2014, 10:19:02 AM5/2/14
to rubyonra...@googlegroups.com
Good afternoon all,

I'm trying to restrict the access to the application to paths like "localhost:3000/users/1" without a previus login. To do that I have create this function:

'session_controller.rb'
  before_action :authorize

  def authorize
    if current_user.nil?
      redirect_to home_path
    else
      redirect_to user_path(current_user.id)
    end
  en
d

When the 'current_user' is nil it entryes to an infinite loop. What I have to do to solve this?.


Thanks & Best regards.


Alfredo.

tamouse pontiki

unread,
May 2, 2014, 4:46:37 PM5/2/14
to rubyonra...@googlegroups.com
Without actually seeing the code for what is answering home_path, I'm
going to make a guess that that controller+action is making a call to
the session controller.

Alfredo Barrero

unread,
May 2, 2014, 5:59:18 PM5/2/14
to rubyonra...@googlegroups.com
Yes, when the 'current_user' is nil 'home_path' calls a method from session controller. I understand the reason of the loop, but I don´t know how to fix it :(

I need this way because when the user is not loged he can't access anything from the application.

Thanks ,

Alfred.

tamouse pontiki

unread,
May 3, 2014, 2:27:19 AM5/3/14
to rubyonra...@googlegroups.com
Remove one or the other, your choice. If your application cannot
handle anonymous users (which is legit thing), don't send anonymous
users back to the home controller from the point where they have to
log in. What you should most likely be doing is directing them to a
login screen instead.

Lauree Roberts

unread,
May 3, 2014, 5:20:42 AM5/3/14
to rubyonra...@googlegroups.com

Hello Alfredo,

Could you please provide where and how the current_user is being defined. Are you using an gem for registration/authentication or this is manually defined code?

Also please share the content of controller which contains the action 'home'(for home_path) ?

Well, my guess is that either devise(https://github.com/plataformatec/devise/) or sorcery(https://github.com/NoamB/sorcery/) is being used. If this is the case, it is recommended to use following methods provided by these gems.

1. devise - :authenticate_user! - https://github.com/plataformatec/devise#controller-filters-and-helpers

2. sorcery - :require_login - https://github.com/NoamB/sorcery#api-summary

Thanks,
Lauree

Colin Law

unread,
May 3, 2014, 8:02:23 AM5/3/14
to rubyonra...@googlegroups.com
Or use :only or :except on the filter to specify that certain methods
do/do not have to have authorisation.

Colin

Alfredo Barrero

unread,
May 3, 2014, 12:08:05 PM5/3/14
to rubyonra...@googlegroups.com
Good afternoon all,

First of all thanks for the answers.

Lauree, I been trying to use 'devise' gem but I'm to junior yet, so I'm using other way to the users login and logout. But thanks for the advise.

I'm following what Colin said. With this line in the controllers:   before_action :authorize, only: [:index, :destroy]

Further  I have a question. How can I manage 'strange' requests that come to my app like:  http://localhost:3000/undefinded

Thanks!

Alfredo.

Colin Law

unread,
May 3, 2014, 12:37:26 PM5/3/14
to rubyonra...@googlegroups.com
Please quote the previous message when you are replying, it makes it
easier to follow the thread. Thanks.

What do you mean by manage them? What to you want to do?

Colin

Alfredo Barrero

unread,
May 3, 2014, 12:41:08 PM5/3/14
to rubyonra...@googlegroups.com
Ok sorry. What I need is to redirect the application in the case a bad request comes to my application. For example: http://localhost:3000/undefinded

The application have to redirect that request to a page that says something like “Sorry that page does not exist”.

Thanks
> --
> You received this message because you are subscribed to a topic in the Google Groups "Ruby on Rails: Talk" group.
> To unsubscribe from this topic, visit https://groups.google.com/d/topic/rubyonrails-talk/ZIASaUTOaMg/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to rubyonrails-ta...@googlegroups.com.
> To post to this group, send email to rubyonra...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAL%3D0gLshdwwK3h3QsbYOedzXcmQBc5%3DS6o570iJSRD0DdDwtog%40mail.gmail.com.
> For more options, visit https://groups.google.com/d/optout.

Colin Law

unread,
May 3, 2014, 12:51:54 PM5/3/14
to rubyonra...@googlegroups.com
On 3 May 2014 13:41, Alfredo Barrero <abarr...@gmail.com> wrote:
> Ok sorry. What I need is to redirect the application in the case a bad request comes to my application. For example: http://localhost:3000/undefinded
>
> The application have to redirect that request to a page that says something like "Sorry that page does not exist".

That is already handled for you. Just edit public/404.html to say
whatever you like.

Colin

Alfredo Barrero

unread,
May 3, 2014, 2:06:06 PM5/3/14
to rubyonra...@googlegroups.com
When I type ‘http://localhost:3000/undefinded' I get this page: 

Routing Error

No route matches [GET] "/undefined”


This is a route problem, it is trying to load that path. 

Thanks. 

Alfredo. 

--
You received this message because you are subscribed to a topic in the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/rubyonrails-talk/ZIASaUTOaMg/unsubscribe.
To unsubscribe from this group and all its topics, send an email to rubyonrails-ta...@googlegroups.com.
To post to this group, send email to rubyonra...@googlegroups.com.

Colin Law

unread,
May 3, 2014, 2:43:58 PM5/3/14
to rubyonra...@googlegroups.com
On 3 May 2014 15:06, Alfredo Barrero <abarr...@gmail.com> wrote:
> When I type ‘http://localhost:3000/undefinded' I get this page:
>
> Routing Error
>
> No route matches [GET] "/undefined”

I *think* that is because you are running in development mode. I
think that if you run it in a production environment that
public/404.html will be displayed, but I must admit I am not sure
exactly how this works. Perhaps someone more knowledgeable will add
detail or correct me.

Colin
> You received this message because you are subscribed to the Google Groups
> "Ruby on Rails: Talk" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to rubyonrails-ta...@googlegroups.com.
> To post to this group, send email to rubyonra...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/rubyonrails-talk/5490C204-493D-42D8-BFF2-6CE6C7D1CC9B%40gmail.com.

Walter Lee Davis

unread,
May 3, 2014, 2:48:17 PM5/3/14
to rubyonra...@googlegroups.com

On May 3, 2014, at 10:43 AM, Colin Law wrote:

> On 3 May 2014 15:06, Alfredo Barrero <abarr...@gmail.com> wrote:
>> When I type ‘http://localhost:3000/undefinded' I get this page:
>>
>> Routing Error
>>
>> No route matches [GET] "/undefined”
>
> I *think* that is because you are running in development mode. I
> think that if you run it in a production environment that
> public/404.html will be displayed, but I must admit I am not sure
> exactly how this works. Perhaps someone more knowledgeable will add
> detail or correct me.

You are correct. The development mode shows the "developer-friendly" errors, and the production mode shows the opaque "user-friendly" errors from the static /public/[nnn].html files. Edit those directly to make them appear any way you like. Remember, they will be served from the / root of the server, so any paths to resources need to be relative from that point.

Walter
> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/CAL%3D0gLtZ4FuE0HJvHG%3DNsEL0r7EKGt8gU4t5ZAWXuEVQ%3D08r6A%40mail.gmail.com.
Message has been deleted

Colin Law

unread,
May 3, 2014, 8:59:48 PM5/3/14
to rubyonra...@googlegroups.com
On 3 May 2014 19:19, Alfredo Barrero <abarr...@gmail.com> wrote:
> Ok! And how can I test the production enviroment?.

Do you mean how can you run automated tests in the production
environment or do you mean how can you run your app in the production
environment to see whether it functions as described?

Colin
Reply all
Reply to author
Forward
0 new messages