Can't log in with a valid password using Authlogic and Ruby on Rails?

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by kbighorse on Stack Overflow See other posts from Stack Overflow or by kbighorse
Published on 2011-01-31T21:33:54Z Indexed on 2011/02/01 23:25 UTC
Read the original article Hit count: 225

Filed under:
|
|

We support a bit of an unusual scheme. We don't require a password on User creation, and use password_resets to add a password to the user later, on demand. The problem is, once a password is created, the console indicates the password is valid:

user.valid_password? 'test'
=> true

but in my UserSessions controller, @user_session.save returns false using the same password. What am I not seeing?

Kimball

UPDATE:

Providing more details, here is the output when saving the new password:

Processing PasswordResetsController#update (for 127.0.0.1 at 2011-01-31 14:01:12) [PUT] Parameters: {"commit"=>"Update password", "action"=>"update", "_method"=>"put", "authenticity_token"=>"PQD4+eIREKBfHR3/fleWuQSEtZd7RIvl7khSYo5eXe0=", "id"=>"v3iWW5eD9P9frbEQDvxp", "controller"=>"password_resets", "user"=>{"password"=>"johnwayne"}}

The applicable SQL is:

UPDATE users SET updated_at = '2011-01-31 22:01:12',
crypted_password = 'blah',
perishable_token = 'blah',
password_salt = 'blah',
persistence_token = 'blah'
WHERE id = 580

I don't see an error per se, @user_session.save just returns false, as if the password didn't match.

I skip validating passwords in the User model:

class User < ActiveRecord::Base
acts_as_authentic do |c|
c.validate_password_field = false
end

Here's the simplified controller code:

def create
logger.info("SAVED SESSION? #{@user_session.save}")
end

which outputs:

Processing UserSessionsController#create (for 127.0.0.1 at 2011-01-31 14:16:59) [POST]
Parameters: {"commit"=>"Login", "user_session"=>{"remember_me"=>"0", "password"=>"johnwayne", "email"=>"[email protected]"}, "action"=>"create", "authenticity_token"=>"PQD4+eIREKBfHR3/fleWuQSEtZd7RIvl7khSYo5eXe0=", "controller"=>"user_sessions"}
User Columns (2.2ms) SHOW FIELDS FROM users
User Load (3.7ms) SELECT * FROM users WHERE (users.email = '[email protected]') ORDER BY email ASC LIMIT 1
SAVED SESSION? false
CACHE (0.0ms) SELECT * FROM users WHERE (users.email = '[email protected]') ORDER BY email ASC LIMIT 1
Redirected to http://localhost:3000/login

Lastly, the console indicates that the new password is valid:

$ u.valid_password? 'johnwayne'
=> true

Would love to do it all in the console, is there a way to load UserSession controller and call methods directly?

Kimball

© Stack Overflow or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about ruby-on-rails

Related posts about ruby

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle