Not automatically logging in

22 views
Skip to first unread message

gobigdave

unread,
Oct 23, 2009, 11:01:40 PM10/23/09
to Authlogic
I just migrated an app to auth_logic from restful_auth. Everything
works great, but I can't get automatic login working. I see it
happening in the example app, but I can't get things to work in my
app. This happens with user activation and password resets. Here is
some code from password reset:

password_resets_controller.rb:

def update
if @user.reset_password!(params[:password], params
[:password_confirmation])
flash[:notice] = "Password successfully reset"
redirect_to(home_path)
else
flash[:error] = build_errors_for_flash(@user, "Password could
not be reset. Please try again.")
render :action => :edit
end
end

user.rb:

def reset_password!(pwd, pwd_confirm)
self.password = pwd
self.password_confirmation = pwd_confirm
self.reset_perishable_token
success = self.save
Mailer.deliver_reset_password(self) if success
return success
end

After successfully reseting the password, my user is not logged in,
and I can't redirect to home_path without being redirected to login
(the home action requires a user). All the doc I see says that saving
the user like this should have logged them in. From reset password
tutorial: "The update method is nice, because if the user is
successfully saved, Authlogic will automatically log them in, keeping
your PasswordResetsController focused on resetting passwords, not
sessions."

Any ideas where I can look to see what I'm doing that different?

gobigdave

unread,
Oct 25, 2009, 8:15:06 AM10/25/09
to Authlogic
I tried lots of other combinations (@user.save in controller,
rearranging code, etc.), but nothing worked unless I explicitly logged
the user in.

password_resets_controller.rb:

def update
if @user.reset_password!(params[:password], params
[:password_confirmation])
flash[:notice] = "Password successfully reset"
# Authlogic is supposed to automatically login, but it doesn't
seem to for me.
UserSession.create!(:email => @user.email, :password =>
@user.password, :remember_me => false)
redirect_to(home_path)
else
flash[:error] = build_errors_for_flash(@user, "Password could
not be reset. Please try again.")
render :action => :edit
end
end

Anyone have any ideas? Is there a setting I have that shuts this off?

My user.rb:

acts_as_authentic do |c|
c.transition_from_restful_authentication true
c.login_field :email
c.validate_email_field false
c.perishable_token_valid_for 1.hour
c.ignore_blank_passwords false
end

My user_session.rb:

generalize_credentials_error_messages true
find_by_login_method :find_by_all_emails
remember_me_for 2.weeks

gobigdave

unread,
Oct 25, 2009, 9:00:02 PM10/25/09
to Authlogic
OK, this is driving me nuts because I might have to go back to the old
scheme. Now, when a user is logged in, they end up being logged out
when a password changes. Again, according the example app, this is not
supposed to happen. I've been stepping through code for a while now
without any luck. As far as I can see, my app's path is pretty much
the same as the examples. However, I end up logged out when I
shouldn't, and I don't login when I should. Everything else seems to
work fine.

I'm starting to have second thoughts.

Anyone know where else I can look?

zoopzoop

unread,
Oct 26, 2009, 12:40:46 PM10/26/09
to Authlogic
If you set up the example app, does automatically logging in and
staying logged in when changing your password work?
If yes, try changing the code line for line to match your current
code, then you should see where and when it breaks.

gobigdave

unread,
Oct 26, 2009, 11:10:00 PM10/26/09
to Authlogic
Yes, the example app works correctly. I tried changing my code to
match what's in the example app, but the behavior did not change.
Watching the logs, it looks like the persistence_token is updated (as
it's supposed to be), but it doesn't look like my session is being
properly updated. I will try the line-by-line changes again just to be
sure. After that, I will attempt to step through with a debugger.

If it matters, I'm using cookies as my session store. I doubt that's
it because the example app does as well. Could it be something funny
with my models? I have:

class Person < ActiveRecord::Base; end
class User < Person; end
class Contact < Person; end

Users are who logs in. I tried moving acts_as_authentic to Person, but
that didn't change anything.

-Dave

gobigdave

unread,
Oct 27, 2009, 10:39:27 PM10/27/09
to Authlogic
I think I found the problem. After much experimentation, I converged
on there is something wrong with the connection between my User and
UserSession models. When a User was saved, the UserSession was not
saved and the user_credentials were not updated. Looking at the
AuthLogic code, the default session_class should be "#{klass.name}
Session".constantize. However, my User model inheriting from Person
must have messed that up. If I explicitly set user_session in my
model, then things seem to work properly again.

class User < Person
acts_as_authentic do |c|
c.session_class UserSession
end
end

YMMV

Jared Fine

unread,
Oct 28, 2009, 11:01:47 AM10/28/09
to auth...@googlegroups.com
That'll do it. The reverse happened with me. I changed the name of my session from UserSession to something else.

Jared Fine
http://jfine.org/
Reply all
Reply to author
Forward
0 new messages