find_by_* method is not returning the object

Question

I am trying to set up a simple authentication for my rails application. I have a security_users scaffold and have created some users.

When, I am trying to log in using some of these accounts it seams that the "find_by_*" method is not able to detect the current one.

This is how my session controller looks like (I have comment the password check in purpose in order to debug the issue):

class SessionsController < ApplicationController

  def new
  end

  def create
    @security_user = SecurityUser.find_by_email(params[:email])
    if @security_user #&& @security_user.authenticate(params[:password])
      session[:security_user_id] = @security_user.id
      redirect_to root_url, notice: "Logged in!"
    else
      flash.now.alert = "Email or password is invalid"
      render 'new'
    end
  end

  def destroy
    session[:user_id] = nil
    redirect_to root_url, notice: "Logged out!"
  end
end

So, when I try to create a session (to log in) I am redirect to the session 'new' template. This is the debug information:

enter image description here

which seems to be all right. Why the following statement could not find the record:

SecurityUser.find_by_email(params[:email])

EDIT:

When I entered the line above in the console it is returning the record:

enter image description here

@Rinku I am not getting any errors - the helper (find_by_email) is not able to find the user and because of this a session can not be created. — gotqn, Jun 09 '13 at 16:21
hv u checked it with rails console? r u able to get it there? — Rinku, Jun 09 '13 at 16:26
@Rinku Yes, I have updated the question - the method is working there. — gotqn, Jun 09 '13 at 16:34
I have call "debug params" in the session new partial and as you can see from the screenshot from my question the value of email is corrrect. — gotqn, Jun 09 '13 at 16:47
let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/31486/discussion-between-gotqn-and-rinku) — gotqn, Jun 09 '13 at 16:55

score 1 · Accepted Answer · answered Jun 09 '13 at 17:24

First off, unless this is a simple exercise in Rails authentication, you should use Devise or AuthLogic at this stage.

Second, are you sure that params[:email] contains the email you are looking for? From your params, it looks to me like you want to use params[:session][:email].

Third, you should move this down into the model. For example:

class SecurityUser < ActiveRecord::Base
  def self.authenticate(params)
    user = where(email: params[:email]).first
    (user && user.password == params[:password]) ? user : false
  end
end

And in the controller:

@user = SecurityUser.authenticate params[:session]
session[:user_id] = user.id if @user

Note above that the password is not hashed - you should not save a plain text password - but that's not what this is about.

Also note that now you should use where().first instead of find_by.

Yes, it is was [:session][:email] - that was causing the issue. I am not using ready solutions like Devise in order to run how to make the things myself. Why I need to move this into my model instead of using the "authenticate" method. Also, the password is not saved as plain text - I am using bcrypt. — gotqn, Jun 09 '13 at 17:39

find_by_* method is not returning the object

1 Answers1