I think I'm just missing something obvious. I send a user a perishable token embedded in a link. They click on it, and they come back to the site. I want to log them in automatically --- authenticated by their perishable token, not the password. (I'm not building a banking app).
This seems like this should be simple, but all the examples I've found require a password. How do I skip this completely? When开发者_StackOverflow I try to get UserSession.create to work, it reports a validation error and will not create the user session. What is the way around this?
@user = User.find_by_perishable_token(params[:token])
if @user
if !current_user
# skip sign-in
UserSession.create!(@user.email)
# => error "You did not provide any details for authentication."
...
I have googled extensively but haven't found the answer.
Doesn't UserSession.create take a user object as it's first argument? If so, couldn't you just do:
UserSession.create(User.find_by_perishable_token(params[:token]))
@current_user_session = UserSession.find
Or is that where you're running into problems?
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论