From feb38c08f5cbda03d540aef83fc056070e4b7b68 Mon Sep 17 00:00:00 2001 From: Date: Tue, 7 Aug 2007 19:16:04 -0400 Subject: [PATCH] The user model has been modified so that it stores the user object itself in the session[:user]. Session[:user_id] fulfills the purpose of holding the specific id. the test files were also modified to account for the changes. In addition, a couple lines in the SiteController#index method were updated tp utilize new funtionality of ActiveRecord. The changes I made to the Authenitcated user library is available here:http://technoweenie.stikipad.com/plugins/show/Storing+the+User+Model+in+the+Session. --- app/controllers/account_controller.rb | 6 +++--- app/controllers/site_controller.rb | 10 ++++++---- app/models/user.rb | 3 ++- lib/authenticated_system.rb | 7 ++++--- lib/authenticated_test_helper.rb | 2 +- test/functional/account_controller_test.rb | 16 +++++++++------- 6 files changed, 25 insertions(+), 19 deletions(-) diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb index c13203b..031368b 100644 --- a/app/controllers/account_controller.rb +++ b/app/controllers/account_controller.rb @@ -19,7 +19,7 @@ class AccountController < ApplicationController self.current_user.remember_me cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at } end - redirect_back_or_default(:controller => '/account', :action => 'index') + redirect_back_or_default(:controller => '/site', :action => 'index') flash[:notice] = "Logged in successfully" end end @@ -29,7 +29,7 @@ class AccountController < ApplicationController return unless request.post? @user.save! self.current_user = @user - redirect_back_or_default(:controller => '/account', :action => 'index') + redirect_back_or_default(:controller => '/site', :action => 'index') flash[:notice] = "Thanks for signing up!" rescue ActiveRecord::RecordInvalid render :action => 'signup' @@ -40,6 +40,6 @@ class AccountController < ApplicationController cookies.delete :auth_token reset_session flash[:notice] = "You have been logged out." - redirect_back_or_default(:controller => '/account', :action => 'index') + redirect_back_or_default(:controller => '/site', :action => 'index') end end diff --git a/app/controllers/site_controller.rb b/app/controllers/site_controller.rb index f6b36a7..7768322 100644 --- a/app/controllers/site_controller.rb +++ b/app/controllers/site_controller.rb @@ -5,10 +5,11 @@ class SiteController < ApplicationController def index @quickvotes = QuickVote.find(:all, ["quickvote = 1"]).sort {|a,b| b.enddate <=> a.enddate}[0..1] # if the person claims they are logged in - if session[:user] - + + if logged_in? # check to see that we actually have record of them - if User.find(:all, ["id = ?", session[:user].id]).length == 1 + if User.exists?(session[:user]) + username = User.find(session[:user]).login # if we have record of them, grab the list of their elections session[:user] = User.find(session[:user]) @current_elections = session[:user].elections.sort do |a,b| @@ -16,8 +17,9 @@ class SiteController < ApplicationController end else # if we have no record of them, set the session id back to - # nothing and start again + # nothing and start again session[:user] = nil + end end end diff --git a/app/models/user.rb b/app/models/user.rb index 64fd71c..78266ad 100755 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -4,7 +4,8 @@ class User < ActiveRecord::Base # Virtual attribute for the unencrypted password attr_accessor :password - + attr_accessor :current_user + validates_presence_of :login, :email validates_presence_of :password, :if => :password_required? validates_presence_of :password_confirmation, :if => :password_required? diff --git a/lib/authenticated_system.rb b/lib/authenticated_system.rb index 840d89a..370a3e9 100644 --- a/lib/authenticated_system.rb +++ b/lib/authenticated_system.rb @@ -3,17 +3,18 @@ module AuthenticatedSystem # Returns true or false if the user is logged in. # Preloads @current_user with the user model if they're logged in. def logged_in? - current_user != :false + (@current_user ||= session[:user_id] ? User.find_by_id(session[:user_id]) : :false).is_a?(User) end # Accesses the current user from the session. def current_user - @current_user ||= (session[:user] && User.find_by_id(session[:user])) || :false + @current_user if logged_in? end # Store the given user in the session. def current_user=(new_user) - session[:user] = (new_user.nil? || new_user.is_a?(Symbol)) ? nil : new_user.id + session[:user] = new_user + session[:user_id] = new_user.nil? ? nil : new_user.id @current_user = new_user end diff --git a/lib/authenticated_test_helper.rb b/lib/authenticated_test_helper.rb index a704035..83fc20c 100644 --- a/lib/authenticated_test_helper.rb +++ b/lib/authenticated_test_helper.rb @@ -1,7 +1,7 @@ module AuthenticatedTestHelper # Sets the current user in the session from the user fixtures. def login_as(user) - @request.session[:user] = user ? users(user).id : nil + @request.session[:user_id] = user ? users(user).id : nil end def content_type(type) diff --git a/test/functional/account_controller_test.rb b/test/functional/account_controller_test.rb index 3c8cd22..21e20ac 100644 --- a/test/functional/account_controller_test.rb +++ b/test/functional/account_controller_test.rb @@ -25,22 +25,23 @@ class AccountControllerTest < Test::Unit::TestCase def test_should_fail_login_and_not_redirect post :login, :login => 'quentin', :password => 'bad password' - assert_nil session[:user] - assert_response :success + assert_nil session[:user] + assert_nil session[:user_id] + assert_response :success end def test_should_allow_signup assert_difference User, :count do - create_user - assert_response :redirect + create_user + assert_response :redirect end end def test_should_require_login_on_signup assert_no_difference User, :count do - create_user(:login => nil) - assert assigns(:user).errors.on(:login) - assert_response :success + create_user(:login => nil) + assert assigns(:user).errors.on(:login) + assert_response :success end end @@ -72,6 +73,7 @@ class AccountControllerTest < Test::Unit::TestCase login_as :quentin get :logout assert_nil session[:user] + assert_nil session[:user_id] assert_response :redirect end -- 2.39.5