[Hobo Users] Session in Rails 2.3 ignored after logout_current_user?

Thu, 20 Aug 2009 17:58:35 -0700 

I have some code that logs a Facebook user in as a Hobo user.  If the
Facebook user is different than the currently logged in Hobo user, I do
this:

    logout_current_user
    self.current_user = user

That worked fine under Rails 2.1/Hobo 0.8.5.  Problem is, under Rails
2.3.2/Hobo 0.8.8, the old user remains logged in -- all changes to the
session get ignored.


Here's my guess as to what's going on:

    - logout_current_user calls reset_session.  The session is cleared.
    - the session returned by ActionController::Session::CookieStore is
{:return_to=>nil, :user=>"user:49"}.  Maybe this is invalid because doesn't
contain :session_id or something?  Dunno.
    - The client ignores the changes to the session, the old user remains
logged in.


The workaround is easy:

    # logout_current_user
    self.current_user = user

If I don't call logout_current_user, the changes to the session persist, and
the new user remains logged in.


Alas, authentication in my app is a complete mess (we're moving a little too
agile ;o).  I  haven't checked to see if this also happens on a stock Hobo
app.  Just thought I'd note it here if anyone's interested.

    - Scott



(here's how to watch session data get saved to the CookieStore:)

diff --git
a/vendor/rails/actionpack/lib/action_controller/session/cookie_store.
index a2543c1..555563e 100644
--- a/vendor/rails/actionpack/lib/action_controller/session/cookie_store.rb
+++ b/vendor/rails/actionpack/lib/action_controller/session/cookie_store.rb
@@ -97,6 +97,7 @@ module ActionController

         if !session_data.is_a?(AbstractStore::SessionHash) ||
session_data.send
           session_data.send(:load!) if
session_data.is_a?(AbstractStore::Sessio
+          logger.info "Saving Session Data:
#{session_data.to_hash.inspect}"
           session_data = marshal(session_data.to_hash)

           raise CookieOverflow if session_data.size > MAX

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Hobo 
Users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to 
[email protected]
For more options, visit this group at 
http://groups.google.com/group/hobousers?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to