StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POHow to use 'Has_secure_password', when trying to refactor?
primarykey
Id
8993084
data
AcceptedAnswerId
10107779
AnswerCount
1
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2012-01-24T19:46:12.947
FavoriteCount
0
LastActivityDate
2012-04-11T14:16:29.323
LastEditDate
2012-01-29T19:47:37.993
LastEditorUserId
1148312
OwnerUserId
1148312
ParentId
0
PostTypeId
1
Score
1
ViewCount
1717
LastEditorDisplayName
text
Body
I am trying to refactor the railstutorial authorization mechanism. My version of rails is 3.2.0 and I am using ruby 1.9.3-p0 and postrgresql 9.1. So far, my tests are passing when it comes to a failed attempt to sigin but the successfull sign in fails.(The reason is that I have to refactor the old signin mechanism) Here is my session helpers sign_in function: <pre><code>def sign_in(employee) cookies.permanent.signed[:remember_token] = [employee.id, employee.salt] self.current_employee = employee end. </code></pre> One problem I see immediately with the sign_in function is that has_secure_password already takes care of the encryption and salt etc ... my thinking was that maybe I should use password_digest instead of employee.salt, but that failed as well. I would like to have my cookies expire after two hours. I found this option at api.rubyonrails.org under cookies. <pre><code> cookies[:key] = { value => "employee.id, employee.salt", expires => 2.hours.from.now } </code></pre> Another question I have has to do with the fact that has_secure_password already has an authenticate method so that means that I do not have to use the authenticate definition defined in the employee model,(user model) in the rails tutorial, but when I comment it out I get a flag reading: <pre><code>NoMethodError: undefined method 'authenticate' </code></pre> Here is my session controllers create action: <pre><code>def create employee = Employee.authenticate(params[:session][:email], params[:session][:password]) if employee.nil? flash.now[:error] = "Invalid email/password combination." @title = "Sign in" render 'new' else sign_in employee redirect_back_or employee end end </code></pre> It seems the Employee.authenticate is a problem. So I essentially have three question and they are as follows: In the rails tutorial we go through a fairly lengthly process of encrypting and applying salt etc to the employees password. Since has_secure_password has this already taken care of, what variable would I pass to my functions or arguments that would capture the encrypted password? The next question has to do with the expiration of the cookie, and how I would use that in the sign_in function? Lastly, how do I use the authenticate method so that rails recognizes it as a genuine method? Just for the record, I have searched through railsguide, api.rubyonrails.org and other questions asked on SO that are similar to this one. Of course this merely points up my lack of understanding of the principles, but I am learning and do take direction well. Thanks for any thoughts, suggestions and or resources you might share with me. Update I re-read the api on has_secure_password and authenticate takes only one argument, namely an unencrypted password ... so I have something to work with. I still need any help or thoughts or suggestions that you might offer ... thanks. update I found this article that deals with session timeouts: <a href="http://madkingsmusings.blogspot.com/2011/05/session-timeouts-on-rails.html" rel="nofollow">http://madkingsmusings.blogspot.com/2011/05/session-timeouts-on-rails.html</a> I am still working to see if I can get it to work for me, but it is tailored for the railstutorial. As for the other questions, Michael Hartl is busy pushing out the second edition of Ruby on Rails tutorial and in that edition he will be dealing with has_secure_password.
Tags
<ruby-on-rails-3><rspec><authorization><railstutorial.org>
Title
How to use 'Has_secure_password', when trying to refactor?
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USthomasvermaak
UserOwnerUserId
1. USthomasvermaak
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POHow to use 'Has_secure_password', when trying to refactor?
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.