I know I should put the code in the create action of the users controller, but I'm not sure what code I should put. I also assume it should call the create action in my sessions controller, but again I'm not sure how...
我知道我应该把代码放到用户控制器的创建操作中,但是我不确定我应该放什么代码。我还假设它应该在我的会话控制器中调用create action,但是我不确定如何…
By the way I tried render :template => 'sessions/create'
in the create action of the users controller, but I get this error when signing up:
顺便说一下,我在用户控制器的创建动作中尝试了render:template => 'sessions/create',但是我在注册时遇到了这个错误:
Template is missing
Missing template sessions/create with {:locale=>[:en, :en], :formats=>[:html], :handlers=>[:rjs, :rhtml, :erb, :rxml, :builder]} in view paths "/rubyprograms/dreamstill/app/views", "/rubyprograms/dreamstill/vendor/plugins/facebox_render/app/views"
This is all in my application controller:
这些都在我的应用程序控制器中:
protected
# Returns the currently logged in user or nil if there isn't one
def current_user
return unless session[:user_id]
@current_user ||= User.find_by_id(session[:user_id])
end
# Make current_user available in templates as a helper
helper_method :current_user
# Filter method to enforce a login requirement
# Apply as a before_filter on any controller you want to protect
def authenticate
logged_in? ? true : access_denied
end
# Predicate method to test for a logged in user
def logged_in?
current_user.is_a? User
end
# Make logged_in? available in templates as a helper
helper_method :logged_in?
def access_denied
respond_to do |format|
format.html do
flash[:alert] = "You must log in to peform this action."
redirect_to root_path
end
format.js do
render_to_facebox(:partial => 'sessions/login_box')
end
end
false
end
3 个解决方案
#1
5
Somewhere in your controllers you have something that looks like this:
在控制器的某个地方,你有这样的东西:
user = User.new
# set attributes
user.save
render :template => 'sessions/create' # Probably based on your question
All you need to do is update the session
to:
您只需将会话更新为:
user = User.new
# set attributes
if(user.save)
session[:user_id] = user.id
# Send them somewhere useful
else
# Handle the error
end
They're signed in once session[:user_id]
is set.
一旦会话[:user_id]被设置,它们就会被签署。
#2
1
Technically?
技术上?
In your controller, after you create your user, this code:
在您的控制器中,创建用户后,以下代码:
@current_user = user
@current_user =用户
should get you going (looks like you're using restful_authentication).
应该让您开始(看起来您正在使用restful_authentication)。
Now, whether it's a good idea to log in a user automatically without verifying their email address / whatever else is up for debate.
现在,如果不验证用户的电子邮件地址,就自动登录用户是一个好主意。
#3
0
You seem that you just begin with Rails right ? I would highly recommend that you use a gem like Devise to handle your user registrations.
您似乎刚刚开始使用Rails,对吗?我强烈建议您使用类似gem的设备来处理用户注册。
However, if you insist on doing it manually, you would just need to create a session variable that verifies whether a user is logged in or not. Then, you can add a helper like current_user, to get the user if user session shows he/she is logged in.
但是,如果您坚持手工操作,您只需要创建一个会话变量来验证用户是否登录。然后,您可以添加一个类似current_user的帮助器,以便在用户会话显示他/她登录时获得用户。
I see that you have a sessions controller there. Are you trying to use restful_authentication ? If so, once more i highly recommend switching to Devise :)
这里有一个session控制器。您是否正在尝试使用restful_authentication ?如果是的话,我再次强烈建议您更换设计:)
OLD CODE USING RESTFUL AUTHENTICATION - SESSIONS CONTROLLER
使用RESTFUL身份验证的旧代码-会话控制器
# This controller handles the login/logout function of the site.
class SessionsController < ApplicationController
# Be sure to include AuthenticationSystem in Application Controller instead
include AuthenticatedSystem
# render new.erb.html
def new
end
def create
logout_keeping_session!
user = User.authenticate(params[:login], params[:password])
if user
# Protects against session fixation attacks, causes request forgery
# protection if user resubmits an earlier form using back
# button. Uncomment if you understand the tradeoffs.
# reset_session
self.current_user = user
new_cookie_flag = (params[:remember_me] == "1")
handle_remember_cookie! new_cookie_flag
flash[:notice] = "Logged in successfully"
redirect_to :controller=>'Town'
else
note_failed_signin
@login = params[:login]
@remember_me = params[:remember_me]
render :action => 'new'
end
end
def destroy
logout_killing_session!
flash[:notice] = "You have been logged out."
redirect_back_or_default('/')
end
protected
# Track failed login attempts
def note_failed_signin
flash[:error] = "Couldn't log you in as '#{params[:login]}'"
logger.warn "Failed login for '#{params[:login]}' from #{request.remote_ip} at #{Time.now.utc}"
end
end
#1
5
Somewhere in your controllers you have something that looks like this:
在控制器的某个地方,你有这样的东西:
user = User.new
# set attributes
user.save
render :template => 'sessions/create' # Probably based on your question
All you need to do is update the session
to:
您只需将会话更新为:
user = User.new
# set attributes
if(user.save)
session[:user_id] = user.id
# Send them somewhere useful
else
# Handle the error
end
They're signed in once session[:user_id]
is set.
一旦会话[:user_id]被设置,它们就会被签署。
#2
1
Technically?
技术上?
In your controller, after you create your user, this code:
在您的控制器中,创建用户后,以下代码:
@current_user = user
@current_user =用户
should get you going (looks like you're using restful_authentication).
应该让您开始(看起来您正在使用restful_authentication)。
Now, whether it's a good idea to log in a user automatically without verifying their email address / whatever else is up for debate.
现在,如果不验证用户的电子邮件地址,就自动登录用户是一个好主意。
#3
0
You seem that you just begin with Rails right ? I would highly recommend that you use a gem like Devise to handle your user registrations.
您似乎刚刚开始使用Rails,对吗?我强烈建议您使用类似gem的设备来处理用户注册。
However, if you insist on doing it manually, you would just need to create a session variable that verifies whether a user is logged in or not. Then, you can add a helper like current_user, to get the user if user session shows he/she is logged in.
但是,如果您坚持手工操作,您只需要创建一个会话变量来验证用户是否登录。然后,您可以添加一个类似current_user的帮助器,以便在用户会话显示他/她登录时获得用户。
I see that you have a sessions controller there. Are you trying to use restful_authentication ? If so, once more i highly recommend switching to Devise :)
这里有一个session控制器。您是否正在尝试使用restful_authentication ?如果是的话,我再次强烈建议您更换设计:)
OLD CODE USING RESTFUL AUTHENTICATION - SESSIONS CONTROLLER
使用RESTFUL身份验证的旧代码-会话控制器
# This controller handles the login/logout function of the site.
class SessionsController < ApplicationController
# Be sure to include AuthenticationSystem in Application Controller instead
include AuthenticatedSystem
# render new.erb.html
def new
end
def create
logout_keeping_session!
user = User.authenticate(params[:login], params[:password])
if user
# Protects against session fixation attacks, causes request forgery
# protection if user resubmits an earlier form using back
# button. Uncomment if you understand the tradeoffs.
# reset_session
self.current_user = user
new_cookie_flag = (params[:remember_me] == "1")
handle_remember_cookie! new_cookie_flag
flash[:notice] = "Logged in successfully"
redirect_to :controller=>'Town'
else
note_failed_signin
@login = params[:login]
@remember_me = params[:remember_me]
render :action => 'new'
end
end
def destroy
logout_killing_session!
flash[:notice] = "You have been logged out."
redirect_back_or_default('/')
end
protected
# Track failed login attempts
def note_failed_signin
flash[:error] = "Couldn't log you in as '#{params[:login]}'"
logger.warn "Failed login for '#{params[:login]}' from #{request.remote_ip} at #{Time.now.utc}"
end
end