My remember feature if simply login will still create a permanent cookie. I followed the following tutorial :http://railscasts.com/episodes/274-remember-me-reset-password
Here what I have
Session Controller
class SessionsController < ApplicationController
def new
if current_customer
redirect_to current_customer
end
end
def create
customer = Customer.find_by_email(params[:email])
if customer && customer.authenticate(params[:password])
if params[:remember_me]
cookies.permanent[:auth_token] = customer.auth_token
else
cookies[:auth_token] = customer.auth_token
end
redirect_to customer, :notice => "Logged in!"
else
flash.now.alert = "Invalid email or password"
render "new"
end
end
def destroy
cookies.delete(:auth_token)
redirect_to root_url, :notice => "Logged out!"
end
end
Application Controller
class ApplicationController < ActionController::Base
protect_from_forgery
force_ssl
private
def authorize
redirect_to login_url, alert: "Not authorized" if current_customer.nil?
end
def current_customer
@current_customer ||= Customer.find_by_auth_token(cookies[:auth_token]) if cookies[:auth_token]
end
helper_method :current_customer
end
I was thinking of adding a delete if params wasn't check off to assure myself no other cookie existed. But that doesn't seem to work
也许您应该在班级顶部调用helper_method调用。
Try adding
reset_session
to your destroy action.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.