1. 首页
  2. 问答
  3. rails 3.2中的reset_session不起作用

rails 3.2中的reset_session不起作用

2014-07-04 45 views
0

我正在使用Rails 3.2.13和Ruby 1.9.3,并没有使用Devise。rails 3.2中的reset_session不起作用

我正在编写脚本以在每次登录后重置会话。请检查以下代码并指出问题。

在使用reset_session之前,一切都很好。我想使用reset_session功能。

会话控制器

class SessionsController < ApplicationController 
    skip_before_filter :is_loggedin?, :only => [:new, :create] 
    def create 
    render :update do |page| 
    if !params[:email].blank? && !params[:password].blank? 
    if user = User.authenticate(params[:email], params[:password]) 
     if user == "unuser" 
     page.alert("Your username and/or password was incorrect.") 
     elsif !user.account_id.blank? 

     temp_session = session.dup 
     reset_session 
     session.replace(temp_session) 

     # temp = session 
     # reset_session 
     # session.reverse_merge!(temp) 

     if params[:remember_me] 
      cookies.permanent[:user_id] = user.id 
     else 
      cookies[:user_id] = user.id 
     end 
     user.update_attributes(:last_login => Time.now, :is_online => true) 
     user.update_attributes(:time_zone => cookies["time_zone"]) 

     if user.user_type=="teacher" 
      page.redirect_to home_teachers_path(:account_id =>user.account_id) 
     else 
      page.redirect_to home_students_path(:account_id =>user.account_id) 
     end 
     else 
     page.alert("You have not confirmed the activation link yet. Please check your registered email ") 
     end 
    else 
     page.alert("Invalid user/password.") 
    end 
    else 
    page.alert("You can't leave the fields empty.") 
    end 
    end 
end 
end

下面显示的错误日志:

Started POST "/sessions" for 127.0.0.1 at 2014-07-04 19:04:22 +0530 
Processing by SessionsController#create as JS 
Parameters: {"utf8"=>"✓", "authenticity_token"=>"i123213232323233123+dfdfi/3424324324", "email"=>"[email protected]", "password"=>"[FILTERED]"} 
User Load (0.2ms) SELECT `users`.* FROM `users` WHERE `users`.`email` = '[email protected]' LIMIT 1 
Completed 500 Internal Server Error in 20ms 

NameError - undefined local variable or method `reset_session' for #<#<Class:0x000000068995a8>:0x000000075c44f8>: 
app/controllers/sessions_controller.rb:26:in `block in create' 
prototype-rails (3.2.1) lib/action_view/helpers/prototype_helper.rb:152:in `block in initialize' 
actionpack (3.2.13) lib/action_view/helpers/capture_helper.rb:187:in `with_output_buffer' 
prototype-rails (3.2.1) lib/action_view/helpers/prototype_helper.rb:151:in `initialize' 
prototype-rails (3.2.1) lib/prototype-rails/renderers.rb:7:in `block in <module:Renderers>' 
actionpack (3.2.13) lib/action_controller/metal/renderers.rb:35:in `block in _handle_render_options'

来源

2014-07-04 siv rj

+0

评论,它不是 – santosh

+0

了你合作过的变量两种方法会话固定 - 对策。我想实现这个,所以我使用了reset_session。检查链接:http://guides.rubyonrails.org/security.html#sessions http://stackoverflow.com/questions/4812813/rails-login-reset-session –

+0

您的控制器是从 santosh

回答

1

的问题是,你正在做的这一切你render :update块中。

该块内部self不再是控制器,这就是为什么你不能调用reset_session(它是控制器的视图上下文)。

如果我是你,我会尝试,并从输出解开控制器逻辑(生产即通过什么渲染:更新)这reset_session

来源

2014-07-04 18:21:46

相关问题

 相关问题