When using Authlogic's HTTP Basic auth, UserSession.find returns nil since the session appears not to be set. As a result, declarative_authorization, which references the usual current_user method (as below), can't find a current user.
def current_user_session
return @current_user_session if defin开发者_运维问答ed?(@current_user_session)
@current_user_session = UserSession.find
end
def current_user
return @current_user if defined?(@current_user)
@current_user = current_user_session && current_user_session.record
end
Is it possible to create a session when a user auths via HTTP basic (even though that session will only last until the request closes) or is there a better way of doing this?
Bumping this. I'm exactly having the same issue (with the same gems - authlogic + declarative_auth).
Found the solution for me, all i needed was to copy the following code to the end of the authorization_rules.rb
privileges do
privilege :manage, :includes => [:create, :read, :update, :delete]
privilege :read, :includes => [:index, :show]
privilege :create, :includes => :new
privilege :update, :includes => :edit
privilege :delete, :includes => :destroy
end
Having fiddled with Devise, everything now seems to be working, as long as when using ActiveResource I do site = "http://user:password@domain", rather than:
site = "http://domain"
username = "user"
password = "password"
Which doesn't work. I havn't taken the time to dig into why.
精彩评论