3

I have implemented http basic authentication in my application, after the implementation of basic http authentication, current user is always nil in production mode. Pasted below my code for your reference.

In Application controller:

def authenticate_user
  if (Rails.env.production? && current_user_session.nil?)
    authenticate_or_request_with_http_basic do |username, password|
      username == HTTP_AUTHENTICATION_USERNAME && password == HTTP_AUTHENTICATION_PASSWORD
    end
  end
end

Where HTTP credentials are take from initializer file.

HTTP_AUTHENTICATION_USERNAME="xxxx"
HTTP_AUTHENTICATION_PASSWORD="yyy"

Also I tried "allow_http_basic_auth false" in user session model but it didnt solve the problem.

Rajat Singhal
  • 11,234
  • 5
  • 38
  • 56
loganathan
  • 5,838
  • 8
  • 33
  • 50

1 Answers1

0

I think that the issue might be your statement

if (current_user_session.nil?)

According to the documentation I found here - Authlogic documentation, the current_user_session never seems to actually be nil, even for an anonymous user.

Try using:

if (current_user.nil?)
Bryce
  • 2,802
  • 1
  • 21
  • 46
  • No, It is nil, the session created successfully, but it is not assigned to current_user. And It can be fixed by current_user=created_Session, but I think it is not appropriate to do. – loganathan Sep 10 '12 at 06:05
  • Have you tried just using the AuthLogic gem [https://github.com/binarylogic/authlogic_example](https://github.com/binarylogic/authlogic_example)? Here's another example of how you could set that up: [Example](http://stackoverflow.com/questions/8620791/authlogic-usersessions-controller-returning-nil?rq=1) – Bryce Sep 10 '12 at 16:57