
Default remember_me value is not taken into account
Reported by Nicolas Jacobeus | June 29th, 2009 @ 08:13 AM
I'm sorry in advance if this is just the result of me not understanding something.
When I set a default value for remember_me in my UserSession class:
class UserSession < Authlogic::Session::Base
self.remember_me = true # remember users by default
end
This default value is not taken into account when I try to do a login with UserSession.create(params[:user_session]) with no remember_me key in the params hash.
As I understand it, the problem arises in the credentials= method of Authlogic::Session::Cookies (starting line 55 in lib/authlogic/session/cookies.rb), more specifically on line 60:
self.remember_me = values.first.with_indifferent_access[:remember_me]
If no :remember_me key is present in the params hash, this line sets the instance variable @remember_me to nil.
This means that function remember_me (lines 68-71) always returns @remember_me without checking the value of the class variable, as it will always be defined (even if nil):
def remember_me
return @remember_me if defined?(@remember_me)
@remember_me = self.class.remember_me
end
My workaround is simply to add an "if" statement to line 60:
self.remember_me = values.first.with_indifferent_access[:remember_me] if values.first.with_indifferent_access.has_key?(:remember_me)
That way, @remember_me is only set when there is actually a :remember_me key in the credentials hash.
Comments and changes to this ticket
-
Ben Johnson July 2nd, 2009 @ 01:55 AM
- State changed from new to resolved
Thanks for this. This has been applied.
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
Object based authentication solution that handles all of the non sense for you. It's as easy as ActiveRecord is with a database.