Search Results

Search found 295 results on 12 pages for 'authlogic oid'.

Page 2/12 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Making Authlogic 'not remember me'

    - by user57618
    I want my user session to end when the user closes the browser. But authlogic seems to remember the session even when a new browser is opened. I have tried setting @user_session.remember_me = false but that doesn't help. I drilled down to the save_cookie method which is indeed saving the cookie with :expires = nil. Am I right in assuming that this will expire the cookie with the browser session? The only peculiar thing about my authlogic configuration is that I set c.perishable_token_valid_for(0) so that the invitation code never expires. Not that I think it has anything to do with this ..

    Read the article

  • How to integrate Facebook the new Graph Api with Authlogic in Ruby on Rails?

    - by amrnt
    I've began with a new project using Authlogic system for Authorization. And I'm now wondering how could I connect Facebook oAuth sessions with my Authlogic session! First of all I want to use and Authlogic-oAuth Gems/Plugins, I what I want to use are just http://github.com/intridea/oauth2 and the interesting http://github.com/nsanta/fbgraph and associate them all with Authlogic. I tried using Authlogic with authlogic-connect extension, but It didnt fill up my needs. And I think the three of the amazing gems above togother will make things done in quality and as I want. Thanks in advance.

    Read the article

  • Authlogic and password and password confirmation attributes - inaccessible?

    - by adam
    Im trying to test my successfully creates a new user after login (using authlogic). Ive added a couple of new fields to the user so just want to make sure that the user is saved properly. The problem is despite creating a valid user factory, whenever i try to grab its attributes to post to the create method, password and password confirmation are being ommitted. I presuem this is a security method that authlogic performs in the background. This results in validations failing and the test failing. Im wondering how do i get round this problem? I could just type the attributes out by hand but that doesnt seem very dry. context "on POST to :create" do context "on posting a valid user" do setup do @user = Factory.build(:user) post :create, :user => @user.attributes end should "be valid" do assert @user.valid? end should_redirect_to("users sentences index page") { sentences_path() } should "add user to the db" do assert User.find_by_username(@user.username) end end ##User factory Factory.define :user do |f| f.username {Factory.next(:username) } f.email { Factory.next(:email)} f.password_confirmation "password" f.password "password" f.native_language {|nl| nl.association(:language)} f.second_language {|nl| nl.association(:language)} end

    Read the article

  • authlogic email as username

    - by ADAM
    How do i override/set authlogic to use the email field instead of the username field for both signup and authentication, having a username + an email is occasionally too intense for some some registration scenarios

    Read the article

  • autologin in authlogic Rails

    - by Adnan
    Hello, I have added auhlogic in my Rails app to authenticate users. I have also included the code from the Reset password tutorial . All of it works, the only issue I have is that once a user registers he gets automatically logged in. Anyone worked with authlogic, what would be the best & fastest way to disable the autologin after the registration?

    Read the article

  • authlogic without cookies, how?

    - by Alexandr Borisov
    G'day, I am developing server application with Ruby on Rails and I'd like to store session token in each request's body. For example {"token":"asdkjahsdoahgfblkasblbag"}. And I am stuck, really don't know how to configure authlogic to handle token from params, not via cookie. And how to prevent "set-cookie" header sending? Thanks, Alexandr

    Read the article

  • Problem with skipping login validation for authlogic

    - by Andrei
    Hi, I want to use email for signing in, and to allow users to have similar names. One way to do this is to rename login/username field to something different. However, I want to do it just by setting up authlogic. I tried the following acts_as_authentic do |c| c.login_field :email c.validate_login_field false c.validate_email_field true end but it still complains that the login already exists. What must be done to avoid username validation without renaming the field?

    Read the article

  • Problem with user login validation by authlogic

    - by Andrei
    Hi, I want to use email for signing in, and to allow users to have similar names. One way to do this is to rename login/username field to something different. However, I want to do it just by setting up authlogic. I tried the following acts_as_authentic do |c| c.login_field :email c.validate_login_field false c.validate_email_field true end but it still complains that the login already exists. What must be done to avoid username validation without renaming the field?

    Read the article

  • authlogic rails question - how to code for an API

    - by phil swenson
    I have authlogic going on my app, but now I need to have an an API. I don't want to establish a session, just want a user to send in data in a json request such as: {"type":"address","password":"mypassword","name":"my notificaiton name goes here","user":"myusername","text":"my interesting stuff goes here"} So questions - 1) is this a decent approach? 2) how do i do the auth inside my rails controller?

    Read the article

  • Authlogic, logout, credential capture and security

    - by Paddy
    Ok this is something weird. I got authlogic-oid installed in my rails app today. Everything works perfectly fine but for one small nuisance. This is what i did: I first register with my google openid. Successful login, redirection and my email, along with my correct openid is stored in my database. I am happy that everything worked fine! Now when i logout, my rails app as usual destroys the session and redirects me back to my root url where i can login again. Now if i try to login it still remembers my last login id. Not a big issue as i can always "Sign in as a different user" but i am wondering if there is anyway to not only logout from my app but also logout from google. I noticed the same with stack overflow's openid authentication system. Why am i so bothered about this, you may ask. But is it not a bad idea if your web apps end user, who happens to be in a cyber cafe, thinks he has logged out from your app and hence from his google account only to realize later that his google account had got hacked by some unworthy loser who just happened to notice that the one before him had not logged out from google and say.. changed his password!! Should i be paranoid? Isn't this a major security lapse while implementing the openid spec? Probably today someone can give me a workaround for this issue and the question is solved for me. But what about the others who have implemented openid in their apps and not implemented a workaround?

    Read the article

  • Authlogic, logout and credential capture

    - by Paddy
    Ok this is something weird. I got authlogic-oid installed in my rails app today. Everything works perfectly fine but for one small nuisance. This is what i did: I first register with my google openid. Successful login, redirection and my email, along with my correct openid is stored in my database. I am happy that everything worked fine! Now when i logout, my rails app as usual destroys the session and redirects me back to my root url where i can login again. Now if i try to login it still remembers my last login id. Not a big issue as i can always "Sign in as a different user" but i am wondering if there is anyway to not only logout from my app but also logout from google. I noticed the same with stack overflow's openid authentication system. Why am i so bothered about this, you may ask. But is it not a bad idea if your web apps end user, who happens to be in a cyber cafe, thinks he has logged out from your app and hence from his google account only to realize later that his google account had got hacked by some unworthy loser who just happened to notice that the one before had not logged out from google and say.. changed his password!! Should i be paranoid?

    Read the article

  • Session bug using facebook-connect-with-authlogic in Rails

    - by Jesse
    I'm trying to follow this article: http://ryanbigg.com/2010/03/testing-facebook, but I'm stuck. I think the problem is with my session, in that the current_usermethod comes up with nil for session[:facebook_session]. According to the original authlogic, it says to use the active_record_store for sessions: # config/environment.rb config.action_controller.session_store = :active_record_store # db/schema includes create_table "sessions", :force => true do |t| t.string "session_id", :null => false t.text "data" t.datetime "created_at" t.datetime "updated_at" end The article calls for the use of cookies. I'm confused; can I use cookies and the active record sessions? I'm also confused by the use of cattr_accessor :current_user from within the User model -- current_user still goes in the application controller, right? Please help.

    Read the article

  • Authlogic Multiple Password Validation

    - by Hock
    Hello, I'm using Authlogic to manage my user sessions. I'm using the LDAP add-on, so I have the following in my users model acts_as_authentic do |c| c.validate_password_field = false end The problem is that recently I found out that there will be some users inside the application that won't be part of the LDAP (and can't be added!). So I would need to validate SOME passwords against the database and the others against the LDAP. The users whose password will be validated against the database will have an specific attribute that will tell me that that password will be validated in my database. How can I manage that? Is it possible that the validate_password_field receives a "variable"? That way I could create some method that will return true/false depending on where the password validation will be done? Thanks! Nicolás Hock Isaza

    Read the article

  • last_login_at not working (null) w/ Authlogic Magic Columns...

    - by bgadoci
    I am using the Authlogicgem for authentication and most of it seems to be working great. Authlogic provides several columns that you can add to your Users table (for example) that it knows to fill in if they are present. i.e. login_count, current_login_ip, last_request_at and last_login_at. All seem to be working fine with the exception of the last_login_at field which is null for each user. Is there anything specific that could be causing this perhaps having to do with the user sessions, etc? I can post code if needed but wasn't sure what would relate to this.

    Read the article

  • Regarding Authlogic and page redirection.

    - by Paddy
    I am using authlogic for authentication in my Rails app. Have named routes for the frequent actions, viz: map.login "login", :controller = "user_sessions", :action = "new" map.logout "logout", :controller = "user_sessions", :action = "destroy" map.register "register", :controller = "users", :action = "new" map.edit 'user/edit/:id', :controller = "users", :action = "edit" But also in my routes.rb i have these automatically created REST routes too: map.resources :user_sessions map.resources :users The problem now is that a user can login from two different routes. Ex: From, http://localhost/login and also from http ://localhost/user_sessions/new. How do i restrict access only from the named route i have defined and not allow from user_sessions/new?

    Read the article

  • Rails Authlogic authentication method

    - by Rabbott
    Within Authlogic, is there a way that I can add conditions to the authentication method? I know by using the find_by_login_method I can specify another method to use, but when I use this I need to pass another parameter since the find_by_login_method method only passes the parameter that is deemed the 'login_field'. What I need to do is check something that is an association of the authentic model.. Here is the method I want to use # make sure that the user has access to the subdomain that they are # attempting to login to, subdomains are company names def self.find_by_email_and_company(email, company) user = User.find_by_email(email) companies = [] user.brands.each do |b| companies << b.company.id end user && companies.include?(company) end But this fails due to the fact that only one parameter is sent to the find_by_email_and_company method. The company is actually the subdomain, so in order to get it here I am just placing it in a hidden field in the form (only way I could think to get it to the model) Is there a method I can override somehow..?

    Read the article

  • OpenID register on login (authlogic_openid)

    - by Glex
    What is the proper way to register users automatically when they log in with openid? I am using authlogic with an authlogic-oid gem (and an older version of openid_authentication). The stuff I read online so far seems to be obsolete. Does anyone know the proper way to do it with the new gem? What I do now is: options = params[:user_session] || {} [:openid_identifier].each { |k| options[k] = params[k] if params[k] } @user_session = UserSession.new(options) @user_session.save do |result| if result flash[:notice] = "Login successful! (#{result.inspect})" redirect_back_or_default account_url else render :action => :new end end By the way, I don't see the Login Successful flash (but that is not that big of a deal).

    Read the article

  • Authlogic with nested attributes and polymorphic associations

    - by ferparra
    Hi all! I'm having trouble with the following code: User < AR acts_as_authentic belongs_to :owner, :polymorphic => true end Worker < AR has_one :user, :as => :owner accepts_nested_attributes_for :user end Employer < AR has_one :user, :as => :owner accepts_nested_attributes_for :user end I'd like to create registration forms based on user types, and to include authentication fields such as username and password. I currently do this: UserRegistrationController < AC #i.e. a new Employer def new @employer = Employer.new @employer.build_user end ... end I then include User fields with fields_for. All views render fine, but here's the catch: I cannot build a User, it tells me :password is a wrong method, so I guess the authentication logic was bypassed. What should I do? Am I doing it wrong altogether? Should I drop polymorphic associations in favor of Single Table Inheritance? Whatever I do, I have to make sure it plays nicely with Authlogic.

    Read the article

  • Authlogic Current User Question - hiding admin links...

    - by bgadoci
    I think I am missing something while using the Authlogic gem w/ Rails. To set the stage I have multiple users and each user can create posts and comments. Upon the display of a post or comment I would like to give the user who created them the option to edit or destroy. I am successfully using the following code to hide and show elements based on if a user is logged in or not but can't seem to find out how to only show these links to the actual user who created them...not any user that is logged in. <% if current_user %> <%= link_to 'Edit', edit_question_path(question) %> | <%= link_to 'Destroy', question, :confirm => 'Are you sure?', :method => :delete %> <% else %> <p>nothing to see here</p> <% end %> Here is the def of current_user located in the application controller in case I need to change something here. class ApplicationController < ActionController::Base helper :all # include all helpers, all the time protect_from_forgery # See ActionController::RequestForgeryProtection for details# helper_method :current_user private def current_user_session return @current_user_session if defined?(@current_user_session) @current_user_session = UserSession.find end def current_user return @current_user if defined?(@current_user) @current_user = current_user_session && current_user_session.record end end

    Read the article

  • Problems setting up AuthLogic

    - by sscirrus
    Hi all, I'm trying to set up a simple login using AuthLogic into my User table. Every time I try, the login fails and I don't know why. I'm sure this is a simple error but I've been hitting a brick wall with it for a while. #user_sessions_controller def create @user_session = UserSession.new(params[:user_session]) if @user_session.save flash[:notice] = "Login successful!" else flash[:notice] = "We couldn't log you in. Please try again!" redirect_to :controller => "index", :action => "index" end end #_user_login.html.erb (this is the partial from my index page where Users log in) <% form_tag user_session_path do %> <p><label for="login">Login:</label> <%= text_field_tag "login", nil, :class => "inputBox", :id => "login", </p> <p><label for="password">Password: </label> <%= password_field_tag "password", nil, :class => "inputBox", :id => "password", </p> <p><%= submit_tag "submit", :class => "submit" %></p> <% end %> I had Faker generate some data for my user table but I cannot log in! Every time I try it just redirects to index. Where am I going wrong? Thanks everybody.

    Read the article

  • Protecting Content with AuthLogic

    - by Rob Wilkerson
    I know this sounds like a really, really simple use case and I'm hoping that it is, but I swear I've looked all over the place and haven't found any mention of any way - not even the best way - of doing this. I'm brand-spanking new to Ruby, Rails and everything surrounding either (which may explain a lot). The dummy app that I'm using as my learning tool requires authentication in order to do almost anything meaningful, so I chose to start by solving that problem. I've installed the AuthLogic gem and have it working nicely to the extent that is covered by the intro documentation and Railscast, but now that I can register, login and logout...I need to do something with it. As an example, I need to create a page where users can upload images. I'm planning to have an ImagesController with an upload action method, but I want that only accessible to logged in users. I suppose that in every restricted action I could add code to redirect if there's no current_user, but that seems really verbose. Is there a better way of doing this that allows me to define or identify restricted areas and handle the authentication check in one place?

    Read the article

  • Authlogic OpenID: Fetching E-Mail from Provider.

    - by Shripad K
    This is a really weird problem: I have set up the authlogic_openid_selector_example app. When i register, the email id is not returned by the openid provider the first time. But if i delete the account and register again, the email id is returned. But this doesn't seem to be happening in the example hosted here: http://big-glow-mama.heroku.com/. How do i fix this problem? Has this got to do with caching? I have hosted my version of the app here: http://pingauthtest.heroku.com/ I guess the author of authlogic_openid_selector_example app (@holden) has forgotten to commit new changes. :) I looked at my development log and the first time the provider doesn't return the openid.ext1.value.ext0 which contains the email id. This is returned the second time only after having deleted the account first. Edit: This is some extra info for debugging: THIS IS WHEN IT REGISTERS: OpenIdAuthentication::Association Load (5.3ms) SELECT * FROM "open_id_authentication_associations" WHERE ("open_id_authentication_associations"."server_url" = E'https://www.google.com/accounts/o8/ud') Generated checkid_setup request to https://www.google.com/accounts/o8/ud with assocication AOQobUde_9BUnQsk91rb_Sf9tguJ-S7Gpkwahc-nvDGDYAC8nphisNqu Redirected to https://www.google.com/accounts/o8/ud? openid.assoc_handle=AOQobUde_9BUnQsk91rb_Sf9tguJ-S7Gpkwahc-nvDGDYAC8nphisNqu &openid.ax.mode=fetch_request &openid.ax.required=ext0 &openid.ax.type.ext0=http%3A%2F%2Faxschema.org%2Fcontact%2Femail &openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select &openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select &openid.mode=checkid_setup &openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0 &openid.ns.ax=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0 &openid.ns.sreg=http%3A%2F%2Fopenid.net%2Fextensions%2Fsreg%2F1.1 &openid.realm=http%3A%2F%2Flocalhost%3A3000%2F &openid.return_to=http%3A%2F%2Flocalhost%3A3000%2Faccount%3Ffor_model%3D1%26_method%3Dpost%26open_id_complete%3D1 &openid.sreg.required=email Completed in 3574ms (DB: 14) | 302 Found [http://localhost/account] THIS IS WHEN IT USES SESSIONS: OpenIdAuthentication::Association Load (5.3ms) SELECT * FROM "open_id_authentication_associations" WHERE ("open_id_authentication_associations"."server_url" = E'https://www.google.com/accounts/o8/ud') Generated checkid_setup request to https://www.google.com/accounts/o8/ud with assocication AOQobUde_9BUnQsk91rb_Sf9tguJ-S7Gpkwahc-nvDGDYAC8nphisNqu Redirected to https://www.google.com/accounts/o8/ud? openid.assoc_handle=AOQobUde_9BUnQsk91rb_Sf9tguJ-S7Gpkwahc-nvDGDYAC8nphisNqu &openid.ax.mode=fetch_request &openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select &openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select &openid.mode=checkid_setup &openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0 &openid.ns.ax=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0 &openid.ns.sreg=http%3A%2F%2Fopenid.net%2Fextensions%2Fsreg%2F1.1 &openid.realm=http%3A%2F%2Flocalhost%3A3000%2F &openid.return_to=http%3A%2F%2Flocalhost%3A3000%2Fuser_session%3Ffor_session%3D1%26_method%3Dpost%26open_id_complete%3D1 Completed in 2708ms (DB: 15) | 302 Found [http://localhost/user_session]

    Read the article

  • Crypted_password is null when using Authlogic to save a user

    - by kareem
    i'm getting a strange error on my production install when i try and create a new user using AL: ActiveRecord::StatementInvalid: Mysql::Error: Column 'crypted_password' cannot be null: INSERT INTO users especially strange b/c it works as expected on my local box. RUnning Rails 2.3.2 and ruby 1.8.7 on both boxes. user.rb: class User < ActiveRecord::Base before_create :set_username acts_as_authentic do |c| c.require_password_confirmation = false c.login_field = "email" c.validates_length_of_password_field_options = {:minimum => 4} c.validate_login_field = false #don't validate email field with additional validations end end Here's output from my production console: >> u = User.new => #<User id: nil, username: nil, email: nil, crypted_password: nil, password_salt: nil, persistence_token: nil, single_access_token: nil, perishable_token: nil, login_count: 0, failed_login_count: 0, last_request_at: nil, current_login_at: nil, last_login_at: nil, current_login_ip: nil, last_login_ip: nil, created_at: nil, updated_at: nil, is_admin: 0, first_name: nil, last_name: nil> >> u.full_name = 'john smith' => "john smith" >> u.password = 'test' => "test" >> u.email = '[email protected]' => "[email protected]" >> u.valid? => true >> u.save ActiveRecord::StatementInvalid: Mysql::Error: Column 'crypted_password' cannot be null: INSERT INTO `users` (`single_access_token`, `last_request_at`, `created_at`, `crypted_password`, `perishable_token`, `updated_at`, `username`, `failed_login_count`, `current_login_ip`, `password_salt`, `current_login_at`, `is_admin`, `persistence_token`, `login_count`, `last_name`, `last_login_ip`, `last_login_at`, `email`, `first_name`) VALUES('B-XSXwhO7hkbtISIOyEq', NULL, '2009-07-31 01:10:44', NULL, 'FK3mYS2Tp5Tzeq5IXE1z', '2009-07-31 01:10:44', 'john', 0, NULL, NULL, NULL, 0, '2c76b645f761eb3509353290e93874cecdb68a63caa165812ab1b126d63660757090ecf69995caef9e78f93d070b524e2542b3fec4ee050726088c2a9fdb0c9f', 0, 'smith', NULL, NULL, '[email protected]', 'john') from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/connection_adapters/abstract_adapter.rb:212:in `log' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/connection_adapters/mysql_adapter.rb:320:in `execute' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/connection_adapters/abstract/database_statements.rb: 259:in `insert_sql' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/connection_adapters/mysql_adapter.rb:330:in `insert_sql' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/connection_adapters/abstract/database_statements.rb: 44:in `insert_without_query_dirty' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/connection_adapters/abstract/query_cache.rb:18:in `insert' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/base.rb:2902:in `create_without_timestamps' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/timestamp.rb:29:in `create_without_callbacks' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/callbacks.rb:266:in `create' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/base.rb:2868:in `create_or_update_without_callbacks' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/callbacks.rb:250:in `create_or_update' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/base.rb:2539:in `save_without_validation' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/validations.rb:1009:in `save_without_dirty' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/dirty.rb:79:in `save_without_transactions' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/transactions.rb:229:in `send' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/transactions.rb:229:in `with_transaction_returning_status' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/connection_adapters/abstract/database_statements.rb: 136:in `transaction' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/transactions.rb:182:in `transaction' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/transactions.rb:228:in `with_transaction_returning_status' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/transactions.rb:196:in `save' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/transactions.rb:208:in `rollback_active_record_state!' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/transactions.rb:196:in `save' No idea why this is happening, and especially why this saves a new user on dev but not on production. Any help is much appreciated, thanks! edit: using Apache & Passenger 2.2.4

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >