I am working on an application that is built on rails-api
and is using authlogic
to handle user authentication.
When I post to UserSessions
, the user is authenticated and the correct user is updated and returned. The user_credentials
cookie is being set and when I look at the request headers, I can see that the correct cookie is being passed.
The issue I am seeing is that the current_user_session
and current_user methods
are not being set.
I am using the pretty standard current_user_session and current_user methods.
def current_user_session
return @current_user_session if defined?(@current_user_session)
@current_user_session = UserSession.find
end
def current_user
return @current_user if defined?(@current_user)
@current_user = current_user_session && current_user_session.record
end
These are my non-researched findings from tinkering with rails-api together with auth-logic (so, no useful links and possible I've misunderstood the underlying causes)
By using rails-api, you have to enable a lot of the middleware, in my case specifically ActionDispatch::Cookies
and ActionDispatch::Session::CookieStore
.
Look at the POST
request response, and check if there is a header Set-Cookie
. If not, you're missing the middleware that generates that header automatically.
Try to comment out rails-api
in your Gemfile and look at the differences in the output of
rake middleware
I hope this helps, and if I get the time to dive deeper into this issue, I hope to remember to update this post.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.