On The Rails

November 03, 2004

Authentication

After a few frustrations, I succeeded this morning in getting authentication working.

Most of the examples I’ve come across are some form of variation on the example posted on the wiki. It generally goes something like this:

Setup the login controller:

class LoginController < ActionController::Base

def index
# show login screen
end

def authenticate
if @session["person"] = Person.authenticate(@params["name"],
@params["password"])
redirect_to :controller => "main"
else
flash["alert"] = "Login failed!"
redirect_to :action => "index"
end
end
end

…and the model:

class Person < ActiveRecord::Base

def self.authenticate(name, password)
find_first(
[ "name = '%s' AND password = '%s'", name, password ]
)
end
end

However, what they miss is the code for the view. “Pretty simple”, I hear you say.

The problem came when I wanted to use ActiveView’s FormHelper. An example:

<form action="login/authenticate" method="post">

Name:
<%= text_field "login", "name", "size" => 20 %>

Password:
<%= password_field "login", "password", "maxsize" => 20 %>

<input type="submit" value="Save">
</form>

The above code builds the following HTML:

<form action="login/authenticate" method="post">

Name:
<input type="text" id="login_name" name="login[name]"
size="20" />

Password:
<input type="password" id="login_password" name="login[password]"
size="20" maxsize="20" />

<input type="submit" value="Save">
</form>

All looks good, right? No. Hook these up with the example authentication code: you’ll get no error, but you’ll never authenticate either. Why?

It’s because of the way the textfield and passwordfield helpers created our input fields. Have a look at the name attribute, eg. name="login[name]". As a result, the data entered in these inputs gets passed in as attributes of a @login object, which is in turn part of the @params hash.

However, our example LoginControler expects them to be directly in the hash, @params. Change the controller code to reference the login hash within the params hash, like so:

class LoginController < ActionController::Base

def index
# show login screen
end

def authenticate
if @session["person"] = Person.authenticate(@params["login"]["name"],
@params["login"]["password"])
redirect_to :controller => "main"
else
flash["alert"] = "Login failed!"
redirect_to :action => "index"
end
end
end

…and all of a sudden we’re in business.

Admittedly, none of this is rocket science. In fact, you may be there thinking "that's obvious". It is… in hindsight.

16 Comments:

  • I'm also a bit frustrated in trying to get Authentication to work in Rails. After reading your write-up on Authentication and on the Wiki, I'm still at a loss on how to get it working.

    Does the Login Generator (http://wiki.rubyonrails.com/rails/show/LoginGenerator) come into play with Authentication.

    By Anonymous Anonymous, at 20 January 2005 15:54  

  • I was frustrated by this for a little while. I knew the answer, just not how to fix it because my Ruby knowledge is pretty thin. Thanks for the tip!

    By Anonymous Anonymous, at 23 August 2005 05:56  

  • Nice site!
    [url=http://iiheokto.com/rsxw/fgxz.html]My homepage[/url] | [url=http://tivqpbuy.com/uyth/ywiu.html]Cool site[/url]

    By Anonymous Anonymous, at 19 September 2006 22:16  

  • By Anonymous Anonymous, at 19 September 2006 22:17  

  • Nice site!
    http://iiheokto.com/rsxw/fgxz.html | http://sqrqmqjs.com/ljdt/zcql.html

    By Anonymous Anonymous, at 19 September 2006 22:17  

  • thanks

    Anil

    By Anonymous Anonymous, at 11 October 2006 11:42  

  • Super site
    levaquin
    [url=http://levaquin.abc-herbal.com]levaquin[/url]
    levaquin
    [url=http://levaquin.abc-herbal.com]levaquin[/url]
    levaquin
    [url=http://levaquin.abc-herbal.com]levaquin[/url]
    levaquin
    [url=http://levaquin.abc-herbal.com]levaquin[/url]
    Best regards

    By Anonymous Anonymous, at 9 April 2007 01:53  

  • meet my favorite blog -

    [url=http://trailfire.com/paxil] paxil dosage [/url]

    http://trailfire.com/paxil
    [url=http://trailfire.com/paxil] overdosing on paxil [/url]

    By Anonymous Anonymous, at 15 July 2010 11:55  

  • represent my interesting blog -

    [url=http://trailfire.com/valium] discount valium [/url]

    http://trailfire.com/valium
    [url=http://trailfire.com/valium] discount valium [/url]

    By Anonymous Anonymous, at 15 July 2010 16:16  

  • greetings to all.
    I would first like to thank the writers of this blog by sharing information, a few years ago I read a book called guanacaste costa rica in this book deal with questions like this one.

    By Blogger Dean, at 21 July 2010 17:46  

  • Hello .. firstly I would like to send greetings to all readers. After this, I recognize the content so interesting about this article. For me personally I liked all the information. I would like to know of cases like this more often. In my personal experience I might mention a book called Generic Viagra in this book that I mentioned have very interesting topics, and also you have much to do with the main theme of this article.

    By Blogger niz, at 15 August 2010 19:43  

  • clomid side effects | buy clomid uk - clomid 25 mg, metformin and clomid for pcos

    By Anonymous Anonymous, at 14 November 2012 16:29  

  • instant payday loans http://2applyforcash.com/ gania [url=http://2applyforcash.com]payday loans[/url] ConadvadyPync Cheap Payday Loans Online Pay Day Loans Once you have joined an affiliate program you the content which you to invest in online affiliate programs!!!They work to get their site into the top ten results an easier option may be to register with an agency such as commission junction.

    By Anonymous Anonymous, at 11 January 2013 16:25  

  • pregnancy after clomid | http://buyclomidcheap.webs.com/#33791 - how much does clomid cost without insurance, clomid and hcg

    By Anonymous Anonymous, at 1 February 2013 09:56  

  • clomid 5-9 | clomid without rx - cheap clomid online, clomid sides

    By Anonymous Anonymous, at 1 February 2013 21:07  

  • [url=http://www.freewebs.com/muslimpharmacistsassociation/apps/profile/106985754/]Buy Discount Cipro tablets Online No prescription! Free Delivery[/url] Buy Discount Cipro tablets Online No prescription! Free Delivery Buy Discount Cipro tablets Online No prescription! Free Delivery
    [url=http://www.freewebs.com/muslimpharmacistsassociation/apps/profile/106996669/]Order Cheap Cipro tablets Online No prescription! Tablets[/url] Order Cheap Cipro tablets Online No prescription! Tablets Order Cheap Cipro tablets Online No prescription! Tablets
    [url=http://www.freewebs.com/muslimpharmacistsassociation/apps/profile/106979661/]Buy Discount Xenical pills Online No prescription![/url] Buy Discount Xenical pills Online No prescription! Buy Discount Xenical pills Online No prescription!
    [url=http://www.freewebs.com/muslimpharmacistsassociation/apps/profile/106984348/]Order Cheap Diflucan tablets Online No prescription! Tablets[/url] Order Cheap Diflucan tablets Online No prescription! Tablets Order Cheap Diflucan tablets Online No prescription! Tablets


    http://www.freewebs.com/muslimpharmacistsassociation/apps/profile/106980539/
    http://www.freewebs.com/muslimpharmacistsassociation/apps/profile/106979847/
    http://www.freewebs.com/muslimpharmacistsassociation/apps/profile/106985754/
    http://www.freewebs.com/muslimpharmacistsassociation/apps/profile/106996438/

    By Anonymous Anonymous, at 27 February 2013 23:12  

Post a Comment

<< Home