Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

Ruby User Authentication with Rails Password Hashing and Sign In Creating the Sessions Controller

Mohamed El Sharnoby
Mohamed El Sharnoby
8,226 Points
Posted by Mohamed El Sharnoby
Mohamed El Sharnoby
8,226 Points

loop of login

I am currently working on this app to handle registration for events for an NGO. I am building user models based on the "User Authentication with Rails" course. Currently, when a user tries to log in, (s)he are not directed anywhere but the login. I can't find what is wrong with the code I wrote. here is the code from app/controllers/user_session_controller.rb

class UserSessionsController < ApplicationController
    def new
    end

    def create
     user = User.find_by(email: params[:email])
     if user && user.authenticate(params[:password])
        session[:user_id] = user.id
        flash[:success] = "Signed in successfully"
        redirect_to event_entries_path
     else
        render action: 'new'
        flash[:error] = "Login Unsccessful, please check email/password"
     end
     end
end

code from my app/controllers/application_controller.rb (since I wanted the user to not be able to view event entries (s)he created unless logged in).

def current_user
    @current_user ||= User.find(session[:user_id]) if session[:user_id]
end

def require_user
  if @current_user
     true
  else
     redirect_to new_user_session_path, notice: "you must be logged in to view this page"
  end
end

2 Answers

Brandon Barrette
Brandon Barrette
20,485 Points
Brandon Barrette
Brandon Barrette
20,485 Points

So it sounds like it could be two things.

  • This if clause is never true, thus bringing you back to the login path:
    if user && user.authenticate(params[:password])
  • Or this redirect is causing your user to get booted back to the login. 
    redirect_to event_entries_path

When you login, is there an error message or success message?

Mohamed El Sharnoby
Mohamed El Sharnoby
8,226 Points
Mohamed El Sharnoby
Mohamed El Sharnoby
8,226 Points

Yep, I get "You must be logged in to register" and the login page is refreshed

Mohamed El Sharnoby
Mohamed El Sharnoby
8,226 Points
Mohamed El Sharnoby
Mohamed El Sharnoby
8,226 Points

apparently, the problem was that I was using 

def require_user
  if @current_user
     true

in my require method, when I used 

def require_user
  if current_user
     true

it worked, though not entirely as intended (the user is directed to index of his registrations [event_entries_path] as stated in the UserSessionsController instead of continuing what (s)he was doing [creating a new event_entry])

Kang-Kyu Lee
Kang-Kyu Lee
52,045 Points
Kang-Kyu Lee
Kang-Kyu Lee
52,045 Points

what happened when you try redirect_to :back? Just curious