ruby on rails - Login failure without clear error specification -

-

i'm trying authenticate application, , fails login. saw redirect login again if credentials(username , password ok).

in user.rb have :

class user < activerecord::base    validates :nome, :presence => true, :uniqueness => true    validates :password, :confirmation => true   attr_accessor :password_confirmation   attr_reader   :password    validate  :password_must_be_present      def user.authenticate(nome, password)     if user = find_by_nome(nome)       if user.hashed_password == encrypt_password(password, user.salt)         user       end     end   end    def user.encrypt_password(password, salt)     digest::sha2.hexdigest(password + "wibble" + salt)   end    # 'password' virtual attribute   def password=(password)     @password = password      if password.present?       generate_salt       self.hashed_password = self.class.encrypt_password(password, salt)     end   end    private      def password_must_be_present       errors.add(:password, "missing password") unless hashed_password.present?     end      def generate_salt       self.salt = self.object_id.to_s + rand.to_s     end       attr_accessible :hashed_password, :nome, :salt end

in user_controller have:

class userscontroller < applicationcontroller   # /users   # /users.xml   def index     @users = user.order(:nome)      respond_to |format|       format.html # index.html.erb       format.xml  { render :xml => @users }     end   end    # /users/1   # /users/1.xml   def show     @user = user.find(params[:id])      respond_to |format|       format.html # show.html.erb       format.xml  { render :xml => @user }     end   end    # /users/new   # /users/new.xml   def new     @user = user.new      respond_to |format|       format.html # new.html.erb       format.xml  { render :xml => @user }     end   end    # /users/1/edit   def edit     @user = user.find(params[:id])   end    # post /users   # post /users.xml   def create     @user = user.new(params[:user])     respond_to |format|       if @user.save         format.html { redirect_to(users_url,           :notice => "usuario #{@user.nome} criado com sucesso") }         format.xml  { render :xml => @user,           :status => :created, :location => @user }       else         format.html { render :action => "new" }         format.xml  { render :xml => @user.errors,           :status => :unprocessable_entity }       end     end   end    # put /users/1   # put /users/1.xml   def update     @user = user.find(params[:id])      respond_to |format|       if @user.update_attributes(params[:user])         format.html { redirect_to(users_url,           :notice => "usuario #{@user.nome} actualizado com sucesso.") }         format.xml  { head :ok }       else         format.html { render :action => "edit" }         format.xml  { render :xml => @user.errors,           :status => :unprocessable_entity }       end     end   end    # delete /users/1   # delete /users/1.xml   def destroy     @user = user.find(params[:id])     @user.destroy      respond_to |format|       format.html { redirect_to(users_url) }       format.xml  { head :ok }     end   end end

in session_controller have:

class sessionscontroller < applicationcontroller  skip_before_filter :authorize   def new   end    def create     if user = user.authenticate(params[:nome], params[:password])       session[:user_id] = user.id       redirect_to admin_url     else       redirect_to login_url, :alert => "nome usuario/password invalido"     end   end    def destroy     session[:user_id] = nil     redirect_to store_url, :notice => "logged out"   end end

in _form have:

<div class="mapira_form" > <%= form_for @user |f| %> <% if @user.errors.any? %> <div id="error_explanation" > <h2><%= pluralize(@user.errors.count, "error") %> prohibited user being saved:</h2> <ul> <% @user.errors.full_messages.each |msg| %> <li><%= msg %></li> <% end %> </ul> </div> <% end %>  <fieldset> <legend>entrar detalhes usuarioo</legend> <div> <%= f.label :nome %>: <%= f.text_field :nome, :size => 40 %> </div> <div> <%= f.label :password, 'password' %>: <%= f.password_field :password, :size => 40 %> </div> <div> <%= f.label :password_confirmation, 'confirmar password' %>: <%= f.password_field :password_confirmation, :size => 40 %> </div> <div> <%= f.submit %> </div> </fieldset> <% end %> </div>

and server responding in way:

=> booting thin => rails 3.2.9 application starting in development on http://0.0.0.0:3000 => call -d detach => ctrl-c shutdown server         security warning: no secret option provided rack::session::cookie.         poses security threat. recommended         provide secret prevent exploits may possible crafted         cookies. not supported in future versions of rack, ,         future versions invalidate existing user cookies.          called from: c:/ruby193/lib/ruby/gems/1.9.1/gems/actionpack-3.2.9/lib/action_dispatch/middleware/session/abstract_store.rb:28:in `ini tialize'.  >> thin web server (v1.5.1 codename straight razor) >> maximum connections set 1024 >> listening on 0.0.0.0:3000, ctrl+c stop   started post "/login" 127.0.0.1 @ 2013-08-13 10:37:16 +0200 connecting database specified database.yml processing sessionscontroller#create html   parameters: {"utf8"=>"v", "authenticity_token"=>"1a785bi1q0dqlq6kdcs7iep1hj4aqh3ylg51rrte31y=", "nome"=>"prombas", "password"=>"[filtered]" , "commit"=>"login"}   ←[1m←[36muser load (1.0ms)←[0m  ←[1mselect "users".* "users" "users"."nome" = 'prombas' limit 1←[0m redirected http://localhost:3000/login completed 302 found in 136ms (activerecord: 11.0ms)   started "/login" 127.0.0.1 @ 2013-08-13 10:37:18 +0200 processing sessionscontroller#new html   rendered sessions/new.html.erb within layouts/application (10.0ms) completed 200 ok in 53ms (views: 53.0ms | activerecord: 0.0ms)   started "/assets/logo.png" 127.0.0.1 @ 2013-08-13 10:37:19 +0200 served asset /logo.png - 304 not modified (5ms)

could me please?

the encryption method case-sensitive. try forcing password either upcase or downcase on both setting of hashed_password , in authenticate.


Comments

Post a Comment

Popular posts from this blog

ios - UICollectionView Self Sizing Cells with Auto Layout -

-
Image
i'm trying self sizing uicollectionviewcells working auto layout, can't seem cells size content. i'm having trouble understanding how cell's size updated contents of what's inside cell's contentview. here's setup i've tried: custom uicollectionviewcell uitextview in contentview. scrolling uitextview disabled. the contentview's horizontal constraint is: "h:|[_textview(320)]", i.e. uitextview pinned left of cell explicit width of 320. the contentview's vertical constraint is: "v:|-0-[_textview]", i.e. uitextview pinned top of cell. the uitextview has height constraint set constant uitextview reports fit text. here's looks cell background set red, , uitextview background set blue: i put project i've been playing on github here . updated ios 9 after seeing github solution break under ios 9 got time investigate issue fully. have updated repo include several examples of different configurations s
Read more

node.js - ldapjs - write after end error -

-
i have created authentication service using following code in node.js , ldapjs. var when = require ('when'); var authenticationerror = require('../errors/authenticationerror'); var sessionmanagerservice = require('./sessionmanagerservice'); var ldap = require('ldapjs'); var client = ldap.createclient({ url: 'ldaps://ad.mycompany.com:636', tlsoptions: {'rejectunauthorized': false} }); module.exports = { signin: function (email, password) { return this.ldapbind(email, password).then( function () { return sessionmanagerservice.createsessionhash({email: email}); } ); }, ldapbind: function (email, password) { var deferred = when.defer(); client.bind(email, password, function(err) { if (err) { deferred.reject (new authenticationerror('invalid username and/or password!', 'authentication.signin.error')
Read more

DOM Manipulation in Wordpress (and elsewhere) using php -

-
DOM Manipulation in Wordpress (and elsewhere) using php - i'm quite new dom manipulation world , head start in order avoid mutual errors. i looking efficient way manipulate content generated wordpress using php. @ moment using simple html dom seems work fine. found domdocument , few others , helpfull if cleared out 1 faster, improve or @ to the lowest degree generate less errors in case of bad markup. also on side can explain syntax (instead of $html @$html) thank much php wordpress domdocument simple-html-dom
Read more