Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Devise - remember me not working? LocalHost Issue?

I'm using devise with my rails 3 app. For some reason the sign in with Remember Me is not working.

Could this be due to testing on localhost:3000 ?

in devise.rb, I have the following set:

config.remember_for = 2.weeks

In the logs, when I post a signin I see:

Started POST "/users/sign_in" for 127.0.0.1 at Thu May 12 20:53:04 -0700 2011
  Processing by SessionsController#create as HTML
  Parameters: {"signIn"=>"LOG IN", "authenticity_token"=>"GR09TIq4uSbu6UWxDRhpfQeLWp7qtJTxkCFksLmFzdE=", "utf8"=>"✓", "user"=>{"remember_me"=>"on", "password"=>"[FILTERED]", "email"=>"[email protected]"}}

Is there anything wrong there?

I also have the following in my sessions_controller.rb

class SessionsController < Devise::SessionsController

  prepend_before_filter :require_no_authentication, :only => [ :new, :create ]
  include Devise::Controllers::InternalHelpers

  # GET /resource/sign_in
  def new
    clean_up_passwords(build_resource)
    render_with_scope :new
  end

  # POST /resource/sign_in
  def create
    resource = warden.authenticate!(:scope => resource_name, :recall => "new")
    #set_flash_message :notice, :signed_in
    sign_in_and_redirect(resource_name, resource)
  end

  # GET /resource/sign_out
  def destroy
    #set_flash_message :notice, :signed_out if signed_in?(resource_name)
    sign_out_and_redirect(resource_name)
  end

  protected

  def after_sign_in_path_for(resource)
    if resource.is_a?(User) && resource.banned?
      sign_out resource
      flash[:error] = "This account has been suspended."
      root_path
    else
      super
    end
  end


end

Any ideas why signing in and remembering is not working? Thanks

like image 749
AnApprentice Avatar asked May 13 '11 03:05

AnApprentice


2 Answers

This happens because remember_me comes in params as "on", but is compared to Devise::TRUE_VALUES, which are [true, 1, '1', 't', 'T', 'true', 'TRUE'].

The easiest way is to make it work is to insure your remember_me comes as one of that values. Example of check-box(notice value="1"):

<input type="checkbox" name="user[remember_me]" value="1" checked="checked" />

Another way if you want to make it work with "on" value you can add "on" to Devise::TRUE_VALUES. So in your config/initializers/devise.rb just add as the first line:

Devise::TRUE_VALUES << ["on"]
like image 195
Dmitry Naumov Avatar answered Oct 18 '22 15:10

Dmitry Naumov


The Devise remember_user_token cookie could be set to 'secure only', in which case it doesn't work with the development rails server on http (browser never sends it back to the server).

Check initializers/devise.rb for rememberable_options = {:secure => true}

like image 38
Geoff Wilson Avatar answered Oct 18 '22 15:10

Geoff Wilson