Storing the User Model in the Session

By default, Acts as Authenticated will store the id of the user object in the session, not the whole object. This ensures that your session is never stale, but it costs an extra db query per request. Here’s how to modify the Authenticated System module to store the whole user object: <ol> <li>Accesses the current <%= file_name %> from the session. def current_user session[:user] end</li> </ol> <ol> <li>Store the given user in the session. def current_user=(new_user) session[:user] = new_user end</li> </ol> And to make tests work, you need to change this in lib/authenticated_test_helper: <ol> <li>remove .id from users(users) def login_as(user) @request.session[:user] = user ? users(user) : nil end</li> </ol> Or if you also plan to use userstamp do this instead: applicaton.rb should resemble: class ApplicationController < ActionController::Base include AuthenticatedSystem before_filter do |c| if !c.session[:user].nil? User.current_user = c.session[:user] end end end Add this line to user.rb model: cattr_accessor :current_user Changed portion of lib/authenticated_system.rb: <ol> <li>Preloads <code>current_user with the user model if they're logged in. def logged_in? (</code>current_user ||= session[:user_id] ? User.find_by_id(session[:user_id]) : :false).is_a?(User) end</li> </ol> <ol> <li>Accesses the current user from the session. def current_user @current_user if logged_in? end</li> </ol> <ol> <li>Store the given user in the session. def current_user=(new_user) session[:user] = new_user session[:user_id] = new_user.nil? ? nil : new_user.id @current_user = new_user end</li> </ol> Changed portion of lib/authenticated_test_helper.rb: <ol> <li>Sets the current user in the session from the user fixtures. def login_as(user) @request.session[:user_id] = user ? users(user).id : nil end</li> </ol> Changed portion of test/funtional/account_controller_test.rb: def test_should_login_and_redirect post :login, :login => ‘quentin’, :password => ‘test’ assert session[:user] assert session[:user_id] assert_response :redirect end def test_should_fail_login_and_not_redirect post :login, :login => ‘quentin’, :password => ‘bad password’ assert_nil session[:user] assert_nil session[:user_id] assert_response :success end And further on down the same file: def test_should_logout login_as :quentin get :logout assert_nil session[:user] assert_nil session[:user_id] assert_response :redirect end 2008-10-24T03:35:15-07:00 71684 storing-the-user-model-in-the-session

67186

2008-10-24T03:35:15-07:00

30799