binarylogic / authlogic_example Goto Github PK

In the example app, you have the destroy method in the user_sessions controller. However, this method does not delete the cookie set if the user clicks "Remember me".

Therefore the user could click a logout link and think they're safely out of the application. Meanwhile, someone else could come along and get right back into the secure areas of the application and view the first user's data.

if we start using it as you described, then anybody can start checking urls like "http://example.com/password_resets/zAk3O7mRnjTdPfaLkePU/edit" and if you have many users on your system then it is more possible to find url for changing pass to somebody else.

The simplest solution: add required field 'email' to app/views/password_resets/edit.html.erb and check it before changing.
Or better add ?email=[email protected] to link in email. And check for it in load_user_using_perishable_token

I keep getting the following error in my login form:

NoMethodError in User_sessions#new

Showing /Users/alvincrespo/Sites/lajobr/app/views/user_sessions/_form.html.erb where line #1 raised:

undefined method `to_key' for #<UserSession: no credentials provided>

Extracted source (around line #1):

1: <%= form_for @user_session do |f| %>
2: <%= f.error_messages %>
3:
4:

# config/environment.rb
config.gem "authlogic"

got this error:

undefined local variable or method "config" for main:Object

script/generate session user_session

Got this error:

Could not find generator 'session'. Maybe you meant 'assets' or 'helper' or 'task'

is there any special requirement for this Tutorial ?

And script/generate is not in my environment, I used rails g instead.
Is that correct?

I have implemented authlogic 2 or 3 times but always hit a sticky patch which turns out to be due a field missing on the model:

undefined method login?' - You missed your crypted password field on user model undefined methodlogged_out?' - You potentially are trying to use logout_on_timeout option which depends on last_request_at

I had to dig through source code to work out the second of those.

Explcit check for these messages and a suggestion message would really help on this.

http://authlogicexample.binarylogic.com/ => 404 !

Thx :)

I followed this example exactly and keep getting template error undefined method for login, username etc. someone else had this problem on another site and added login_field :login to the user_session.rb
yet in your example you dont have to do this.

Hi,I followed your tutorial to setup Authlogic.
I am getting this error when i try to create a new user.
Full trace

http://pastie.org/614421

Im getting the following error:

http://rails.pastebin.com/NXetTXx3

Anyone know that it can be?

ActionView::Template::Error (No route matches {:controller=>"user_session", :action=>"show"}):

Seems from viewing the controller, there is no "show" method.

seems these controllers are missing in the app from your turorial

The test states "should destroy user session". How can it do that when there is no session present at the start of the test? There needs to be an action at the start of the test, that creates a session before the call to destroy.

I'm on ubuntu 9.10
after
export RPX_API_KEY='xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
export RPX_APP_NAME='my-little-app'
I couldn't login with my google account. But changing RPX_APP_NAME to ENV['RPX_APP_NAME'] in the calls to rpx_popup and rpx_embed in the views they are used fixed the problem.

I did the equivalent in rails3 of this from the documentation:

script/generate session user_session

I assume that would become:

rails generate session user_session

I get the following error:

Could not find generator session.

The setup tutorial leads to an error when form_for makes a call to dom_id with the user_session object, as dom_id in Rails 3 expects the object to define "to_key()"

in Authlogic::Session::ActiveRecordTrickery::InstanceMethods there is this:

# For rails >= 3.0
def to_model
  self
end

...and adding a definition of to_key for the same motivation seems to solve the issue:

module Authlogic::Session::ActiveRecordTrickery::InstanceMethods
  def to_key
    nil
  end
end

The routes say that it should exist, but I don't see it in the app/controller directory.

Make a fresh clone of this app, add a database.yml, run migrations, run the tests...oh, they expect email to be defined.

It's a poor example if it doesn't work, Ben. ;-)

I appreciate you writing this example for authlogic, but it is severely outdated. So much so, that it does not guide our use of authlogic in Rails 3. Please update! I'm having awful issues with my rails app due to authlogic. It's incredibly frustrating!

To use this example app with Rails 3, you need to include the csrf_meta_tag in app/views/layouts/application.html.erb, or you'll get a javascript error when the code in rails.js executes.

Error received:

NoMethodError in User sessionsController#create
undefined method `config' for UserSession:Class

This page:
http://github.com/binarylogic/authlogic_example
... in 3. Ensure proper database fields, last line ( "See the documentation for more details." )

Links to:
http://authlogic.rubyforge.org/

The correct link is now http://rdoc.info/github/binarylogic/authlogic

Hi,

You may want to check the links in your tutorial and on your project page:

http://github.com/binarylogic/authlogic_example.git (page not found)

authlogicexample.binarylogic.com (page not found)

Any idea on having https://rpxnow.com/ exaple branch ?

Thanks in advance
luca

I removed the email field and now I cannot register a new user. I am guessing that acts_as_authentic by default includes email authentication....? But can't figure out how it works without it...