How can I find a devise user by it's session id?
At least on my system (rails 3.2, devise 2.0.4), you can do it like this:
session
is:
{"session_id"=>"be02f27d504672bab3408a0ccf5c1db5", "_csrf_token"=>"DKaCNX3/DMloaCHbVSNq33NJjYIg51X0z/p2T1VRzfY=", "warden.user.user.key"=>["User", [3], "$2a$10$5HFWNuz5p6fT3Z4ZvJfQq."]}
session["warden.user.user.key"][1][0]
, then is 3
.
So, I'd find it as:
User.find(session["warden.user.user.key"][1][0])
Get UserID for Current User using Devise/Rails
I see a few problems here
def index
@currentUser = current_user.id
end
Other than what @HolyMoly already commented, you should use underscore and not camelcase, if current_user
is nil here, .id
will fail on it, resulting in an exception.
Second, you are checking "ability" by comparing values of ids, I would change your code to do this
<% if allow_product_delete?(@product) %>
In a helper
def allow_product_delete?(product)
return false unless current_user
@product.user_id == current_user.id
end
if you are using devise current_user
exists in controller and views, you don't need to define it as an instance variable, it's already defined as a controller method on all actions (by default). so by calling current_user
in your views you are done.
If a user is not logged in, current_user
will be nil, you always have to prepare for this and protect against it.
Last, I would look into ability gems (cancan or cancancan), those provide a very nice DSL for dealing with what you were trying here.
Who's Online using Devise in Rails
https://github.com/ctide/devise_lastseenable
You can use this gem that I wrote to store the 'last_seen' timestamp of a user. From there, it's pretty trivial to display the users who were last_seen in the last 5 or 10 minutes.
Finding User ID from Sessions
As indicated by @Bohdan, you may want to shorten your code a bit like this:
Activity.log( session[:user_id] )
In your case, you don't have to rely on ActiveRecord mechanisms.
Get user from device/warden session cookie
The way I describe for deserializing the cookie is just the right way. It is actually the same in Devise, the keys just changed and I jumped to quickly to the conclusion that there must be a different serilization process going on.
How does rails/devise handle cookie sessions?
The default rails session storage is CookieStore. This means that all the session data is stored in a cookie rather than in the database anywhere. In Rails 3.2 the cookie is signed to prevent tampering, but not encrypted. In Rails 4 it's generally encrypted by default. The fact that it's in a cookie is how it persists across restarts of your server. It also means you can only store 4k of data and you wouldn't want to store anything sensitive in there in Rails < 4. It's best to keep a minimum of data in the session anyway.
You can also opt for storing the session data in the database and only having a session id in a cookie.
This answer I gave the other week has some extra info that might be useful:
Sessions made sense to me before I started reading about them online
Also, the rails api doc for CookieStore gives a nice summary:
http://api.rubyonrails.org/classes/ActionDispatch/Session/CookieStore.html
Related Topics
Ruby $Stdin.Gets Without Showing Chars on Screen
How to Configure Mongomapper and Activerecord in Same Ruby Rails Project
What's the Fastest Way to Check If a Word from One String Is in Another String
Using Ruby and Net-Ssh, How to Authenticate Using the Key_Data Parameter with Net::Ssh.Start
Help Understanding Yield and Enumerators in Ruby
Ruby on Rails, Paperclip, Amazon Aws S3 & Heroku
Rails Sort Tags by Most Used (Tag.Posts.Count)
Changing Active Model Serializers Default Adapter
How to Recursively Require All Files in a Directory in Ruby
Rails: Why Images Are Not Showing in My Rails Basic App
How to Get a HTML Table Row with Capybara
Scientific Programming with Ruby
Pg Error Could Not Connect to Server: Connection Refused Is the Server Running on Port 5432
Change Error Field Name in Rails