Session.create / Session.find Issue #286

Open
andrewtheis opened this Issue Oct 24, 2011 · 0 comments

1 participant

@andrewtheis

I'm working on an application that creates several dummy accounts for a legal case. These accounts do not have a username/password, but instead a 4 digit access code that coupled with the case number allows them to login. I was using the Session.create method after finding an account by the access code & matching case:

@account = Account.find_by_access_code(params[:account][:access_code])
@case = Case.find_by_justice_system_number(params[:case][:justice_system_number])

if @account && @case && @account.cases.include?(@case)
  Session.create(@account)
  [...]

However, a few errors occur - the persistence_token is not set & the session is not saved server side. So when Session.find is called, it cannot find the account:

Account Load (0.5ms)  SELECT `accounts`.* FROM `accounts` WHERE `accounts`.`id` = 53 LIMIT 1
Account Load (0.5ms)  SELECT `accounts`.* FROM `accounts` WHERE `accounts`.`persistence_token` = 53 LIMIT 1

The second line above is particularly odd, it seems to be falling back to using the ID as persistence_token. The workaround is to use

@session = Session.new(@account)
@account.reset_persistence_token!
@session.save

instead - which correctly sets the persistence_token and saves the session server side.

I could be misunderstanding the purpose of Session.create, so maybe this is how it is meant to work. Regardless, I hope this helps anyone having similar issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment