注册后如何登录用户?

时间:2021-04-01 15:47:35

I know I should put the code in the create action of the users controller, but I'm not sure what code I should put. I also assume it should call the create action in my sessions controller, but again I'm not sure how...

我知道我应该把代码放到用户控制器的创建操作中,但是我不确定我应该放什么代码。我还假设它应该在我的会话控制器中调用create action,但是我不确定如何…

By the way I tried render :template => 'sessions/create' in the create action of the users controller, but I get this error when signing up:

顺便说一下,我在用户控制器的创建动作中尝试了render:template => 'sessions/create',但是我在注册时遇到了这个错误:

Template is missing

Missing template sessions/create with {:locale=>[:en, :en], :formats=>[:html], :handlers=>[:rjs, :rhtml, :erb, :rxml, :builder]} in view paths "/rubyprograms/dreamstill/app/views", "/rubyprograms/dreamstill/vendor/plugins/facebox_render/app/views"

This is all in my application controller:

这些都在我的应用程序控制器中:

protected 
  # Returns the currently logged in user or nil if there isn't one
  def current_user
    return unless session[:user_id]
    @current_user ||= User.find_by_id(session[:user_id]) 
  end


  # Make current_user available in templates as a helper
  helper_method :current_user

  # Filter method to enforce a login requirement
  # Apply as a before_filter on any controller you want to protect
  def authenticate
    logged_in? ? true : access_denied
  end

  # Predicate method to test for a logged in user    
  def logged_in?
    current_user.is_a? User
  end

  # Make logged_in? available in templates as a helper
  helper_method :logged_in?

  def access_denied
    respond_to do |format|
      format.html do
        flash[:alert] = "You must log in to peform this action."
        redirect_to root_path
      end

      format.js do
        render_to_facebox(:partial => 'sessions/login_box')
      end
    end
     false
  end

3 个解决方案

#1

5  

Somewhere in your controllers you have something that looks like this:

在控制器的某个地方,你有这样的东西:

user = User.new
# set attributes
user.save
render :template => 'sessions/create' # Probably based on your question

All you need to do is update the session to:

您只需将会话更新为:

user = User.new
# set attributes
if(user.save)
   session[:user_id] = user.id
   # Send them somewhere useful
else
   # Handle the error
end

They're signed in once session[:user_id] is set.

一旦会话[:user_id]被设置,它们就会被签署。

#2

1  

Technically?

技术上?

In your controller, after you create your user, this code:

在您的控制器中,创建用户后,以下代码:

@current_user = user

@current_user =用户

should get you going (looks like you're using restful_authentication).

应该让您开始(看起来您正在使用restful_authentication)。

Now, whether it's a good idea to log in a user automatically without verifying their email address / whatever else is up for debate.

现在,如果不验证用户的电子邮件地址,就自动登录用户是一个好主意。

#3

0  

You seem that you just begin with Rails right ? I would highly recommend that you use a gem like Devise to handle your user registrations.

您似乎刚刚开始使用Rails,对吗?我强烈建议您使用类似gem的设备来处理用户注册。

However, if you insist on doing it manually, you would just need to create a session variable that verifies whether a user is logged in or not. Then, you can add a helper like current_user, to get the user if user session shows he/she is logged in.

但是,如果您坚持手工操作,您只需要创建一个会话变量来验证用户是否登录。然后,您可以添加一个类似current_user的帮助器,以便在用户会话显示他/她登录时获得用户。

I see that you have a sessions controller there. Are you trying to use restful_authentication ? If so, once more i highly recommend switching to Devise :)

这里有一个session控制器。您是否正在尝试使用restful_authentication ?如果是的话,我再次强烈建议您更换设计:)

OLD CODE USING RESTFUL AUTHENTICATION - SESSIONS CONTROLLER

使用RESTFUL身份验证的旧代码-会话控制器

# This controller handles the login/logout function of the site.  
class SessionsController < ApplicationController
  # Be sure to include AuthenticationSystem in Application Controller instead
  include AuthenticatedSystem

  # render new.erb.html
  def new
  end

  def create
    logout_keeping_session!
    user = User.authenticate(params[:login], params[:password])
    if user
      # Protects against session fixation attacks, causes request forgery
      # protection if user resubmits an earlier form using back
      # button. Uncomment if you understand the tradeoffs.
      # reset_session
      self.current_user = user
      new_cookie_flag = (params[:remember_me] == "1")
      handle_remember_cookie! new_cookie_flag
      flash[:notice] = "Logged in successfully"
      redirect_to :controller=>'Town'
    else
      note_failed_signin
      @login       = params[:login]
      @remember_me = params[:remember_me]
      render :action => 'new'
    end
  end

  def destroy
    logout_killing_session!
    flash[:notice] = "You have been logged out."
    redirect_back_or_default('/')
  end

protected
  # Track failed login attempts
  def note_failed_signin
    flash[:error] = "Couldn't log you in as '#{params[:login]}'"
    logger.warn "Failed login for '#{params[:login]}' from #{request.remote_ip} at #{Time.now.utc}"
  end
end

#1

5  

Somewhere in your controllers you have something that looks like this:

在控制器的某个地方,你有这样的东西:

user = User.new
# set attributes
user.save
render :template => 'sessions/create' # Probably based on your question

All you need to do is update the session to:

您只需将会话更新为:

user = User.new
# set attributes
if(user.save)
   session[:user_id] = user.id
   # Send them somewhere useful
else
   # Handle the error
end

They're signed in once session[:user_id] is set.

一旦会话[:user_id]被设置,它们就会被签署。

#2

1  

Technically?

技术上?

In your controller, after you create your user, this code:

在您的控制器中,创建用户后,以下代码:

@current_user = user

@current_user =用户

should get you going (looks like you're using restful_authentication).

应该让您开始(看起来您正在使用restful_authentication)。

Now, whether it's a good idea to log in a user automatically without verifying their email address / whatever else is up for debate.

现在,如果不验证用户的电子邮件地址,就自动登录用户是一个好主意。

#3

0  

You seem that you just begin with Rails right ? I would highly recommend that you use a gem like Devise to handle your user registrations.

您似乎刚刚开始使用Rails,对吗?我强烈建议您使用类似gem的设备来处理用户注册。

However, if you insist on doing it manually, you would just need to create a session variable that verifies whether a user is logged in or not. Then, you can add a helper like current_user, to get the user if user session shows he/she is logged in.

但是,如果您坚持手工操作,您只需要创建一个会话变量来验证用户是否登录。然后,您可以添加一个类似current_user的帮助器,以便在用户会话显示他/她登录时获得用户。

I see that you have a sessions controller there. Are you trying to use restful_authentication ? If so, once more i highly recommend switching to Devise :)

这里有一个session控制器。您是否正在尝试使用restful_authentication ?如果是的话,我再次强烈建议您更换设计:)

OLD CODE USING RESTFUL AUTHENTICATION - SESSIONS CONTROLLER

使用RESTFUL身份验证的旧代码-会话控制器

# This controller handles the login/logout function of the site.  
class SessionsController < ApplicationController
  # Be sure to include AuthenticationSystem in Application Controller instead
  include AuthenticatedSystem

  # render new.erb.html
  def new
  end

  def create
    logout_keeping_session!
    user = User.authenticate(params[:login], params[:password])
    if user
      # Protects against session fixation attacks, causes request forgery
      # protection if user resubmits an earlier form using back
      # button. Uncomment if you understand the tradeoffs.
      # reset_session
      self.current_user = user
      new_cookie_flag = (params[:remember_me] == "1")
      handle_remember_cookie! new_cookie_flag
      flash[:notice] = "Logged in successfully"
      redirect_to :controller=>'Town'
    else
      note_failed_signin
      @login       = params[:login]
      @remember_me = params[:remember_me]
      render :action => 'new'
    end
  end

  def destroy
    logout_killing_session!
    flash[:notice] = "You have been logged out."
    redirect_back_or_default('/')
  end

protected
  # Track failed login attempts
  def note_failed_signin
    flash[:error] = "Couldn't log you in as '#{params[:login]}'"
    logger.warn "Failed login for '#{params[:login]}' from #{request.remote_ip} at #{Time.now.utc}"
  end
end
标签:

相关文章