I'm using devise with my rails 3 app. For some reason the sign in with Remember Me is not working.
Could this be due to testing on localhost:3000 ?
in devise.rb, I have the following set:
config.remember_for = 2.weeks
In the logs, when I post a signin I see:
Started POST "/users/sign_in" for 127.0.0.1 at Thu May 12 20:53:04 -0700 2011
Processing by SessionsController#create as HTML
Parameters: {"signIn"=>"LOG IN", "authenticity_token"=>"GR09TIq4uSbu6UWxDRhpfQeLWp7qtJTxkCFksLmFzdE=", "utf8"=>"✓", "user"=>{"remember_me"=>"on", "password"=>"[FILTERED]", "email"=>"[email protected]"}}
Is there anything wrong there?
I also have the following in my sessions_controller.rb
class SessionsController < Devise::SessionsController
prepend_before_filter :require_no_authentication, :only => [ :new, :create ]
include Devise::Controllers::InternalHelpers
# GET /resource/sign_in
def new
clean_up_passwords(build_resource)
render_with_scope :new
end
# POST /resource/sign_in
def create
resource = warden.authenticate!(:scope => resource_name, :recall => "new")
#set_flash_message :notice, :signed_in
sign_in_and_redirect(resource_name, resource)
end
# GET /resource/sign_out
def destroy
#set_flash_message :notice, :signed_out if signed_in?(resource_name)
sign_out_and_redirect(resource_name)
end
protected
def after_sign_in_path_for(resource)
if resource.is_a?(User) && resource.banned?
sign_out resource
flash[:error] = "This account has been suspended."
root_path
else
super
end
end
end
Any ideas why signing in and remembering is not working? Thanks
This happens because remember_me comes in params as "on", but is compared to Devise::TRUE_VALUES, which are [true, 1, '1', 't', 'T', 'true', 'TRUE'].
The easiest way is to make it work is to insure your remember_me comes as one of that values. Example of check-box(notice value="1"):
<input type="checkbox" name="user[remember_me]" value="1" checked="checked" />
Another way if you want to make it work with "on" value you can add "on" to Devise::TRUE_VALUES. So in your config/initializers/devise.rb just add as the first line:
Devise::TRUE_VALUES << ["on"]
The Devise remember_user_token cookie could be set to 'secure only', in which case it doesn't work with the development rails server on http (browser never sends it back to the server).
Check initializers/devise.rb for rememberable_options = {:secure => true}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With