before_save messing up

[5T41N5]

#user.rb ------> Model

class User < ActiveRecord::Base
attr_accessible :email, :name, :password, :password_confirmation
has_secure_password

before_save :create_remember_token
.
.
.
.
.
.
.
private
def create_remember_token
self.remember_token = SecureRandom.urlsafe_base64
end

end

#sessions_controller.rb -------> Sessions Controller

class SessionsController < ApplicationController
def new

end

def create
user = User.find_by_email(params[:session][:email])
if user && user.authenticate(params[:session][:password])
sign_in user
redirect_to user
else
flash.now['error'] = 'Invalid email/password combination'
render :new
end
end

def destroy

end
end

#sessions_helper.rb ------> Sessions Helper

module SessionsHelper
def sign_in(user)
cookies.permanent[:_pm] = user.remember_token
current_user = user
end
end

The problem is the cookie doesn't get set to any value at all. It's
always nil.
Thanks in advance for any assistance given.

[All the code is hosted here: https://github.com/TAKE2/RoR-Tutorial]

[Max]

not sure if this is it or not but.... do you need to add the remember_token to the attr_accessible list?

[Frederick Cheung]

On May 12, 9:06 am, 5T41N5 <yawboaky...@gmail.com> wrote:

> module SessionsHelper
>   def sign_in(user)
>     cookies.permanent[:_pm] = user.remember_token
>     current_user = user
>   end
> end
>
> The problem is the cookie doesn't get set to any value at all. It's
> always nil.
> Thanks in advance for any assistance given.
>

So does the user that you are testing with have a remember_token or is
it nil (perhaps you added the before save after you created that
user) ?

Fred

[Yaw Boakye elGran]

I reset the db which clears all the users already created. Every new user has a nil for the remember_token field. That's the absurdity, the column in the db cannot be field with the value before the user is created.

[Frederick Cheung]

Does your before_save get executed? I'd stick a breakpoint in there
and verify that it gets hit (although I can't think why it wouldn't)

Fred

[Max]

I'm pretty new to ruby and rails BUT, I've had problems in the past
like this when I didn't set the variable up with the attr_accessible
in the model...

when you try to access the remember_token in the SessionHelper, is it
in scope without the attribute set up or is that why you're getting
nil?

try adding

attr_accessible :remember_token

to the top of your model and see if that helps...

I'd also add a

fail self.inspect in the callback after you make the assignment to
see:
1. that it's getting there
2. if the value is being set to something other than nil

just some thoughts from a noob

[Yaw Boakye elGran]

attr_accessible describes columns of the db whose values can be set and/or modified by the user through the web interface (at least that's what I believe). That's my reason for exempting :remember_token from the list. I'd give it a try and examine the security infringements. If they're not grave, I'd stick with your plan.

Thanks in advance :)

[Frederick Cheung]

Sort of. it means that the value can be set by update_attributes or
the other APIs that take a hash of attributes. It has no effect on the
ability to do self.remember_token = 'blah'

Fred

[Max]

but wouldn't it have an affect on the ability to access the
remember_token in the SessionHelper?

in this code:

module SessionsHelper
def sign_in(user)
cookies.permanent[:_pm] = user.remember_token
current_user = user
end
end

[Frederick Cheung]

On May 14, 1:32 pm, Max <aa...@xmission.com> wrote:
> but wouldn't it have an affect on the ability to access the
> remember_token in the SessionHelper?
>

No. Like i said it affects the ability to write attributes by passing
a hash of keys to values. It never affects reading column values and
never affects the ability to write values explicitly

Fred

[Tyler]

In your first post you say the cookie doesn't get set, then later you say the database column doesn't get set.  Which is the problem?

Also, is there a reason you're setting cookies.permanent[:_pm] rather than cookies.permanent[:remember_token]?  I'm not sure how rails would find it if the names don't match what you've set in the User model. 

[Yaw Boakye elGran]

The cookie name is independent of the column name. The cookie is created but has no value when I check it in my browser. I use Chrome (on PC). Thanks for your support

[Yaw Boakye elGran]

Problem has been resolved quite mysteriously. I deleted all my browser cookies and it worked now. I'm trying to figure out why that could be a solution. So hang on, I'd write everything here. Thanks for the family feeling. RAILS 4EVER!!!!!!!