1

I am installing Kissmetrics on my rails app by storing events in a session variable and then passing them into the kissmetrics javascript code on the subsequent page. This method works great except for trying to track accounts getting created. It seems that when I store the account created event in my session variable it works fine, but by the time the next page loads, the session variable is gone. I put debugger in there to try to find where it is getting deleted but it seems there's nothing. km_log_event is a method that stores the string in a session variable called km_events. Here's my code:

accounts_controller/create -->

...    
if @account.save 
            log_event("Account", "Created", @account.name)
            km_log_event("Account Created")
            redirect_to(welcome_url(:subdomain => @account.subdomain)) 
            @user.activate!
            @user.add_connection(params[:connect_to])
          else
            render(:action => 'new', :layout => 'signup')
          end
...

sessions_controller/welcome -->

def welcome
    if current_account.new?
      # Create the session for the owner, the account is brand new
      current_account.user_sessions.create(current_account.owner, true)
    elsif current_account.users.last && current_account.users.last.created_at > 1.hour.ago
      current_account.user_sessions.create(current_account.users.last, true)
    end
    redirect_to embedded_invitations_path
  end

I'm just not sure where it is getting deleted so I can't record this event. It seems to be happening after @account.save in the accounts controller but before the welcome action.

UPDATE:

here is the accounts module where I believe (this isn't my codebase) current_account gets defined.

module Accounts
    def self.included(controller)
        controller.helper_method :current_account
    end

    protected

        def current_account
            return @current_account if defined?(@current_account)
            @current_account = Account.find_by_subdomain!(current_subdomain)
        end
end
Mike Causer
  • 8,196
  • 2
  • 43
  • 63
Matthew Berman
  • 8,481
  • 10
  • 49
  • 98

2 Answers2

3

An invalid csrf token will have the session be reset. Could this be happening?

You can test this easily by removing the following from your controller (usually in ApplicationController)

  protect_from_forgery
Peter Ehrlich
  • 6,969
  • 4
  • 49
  • 65
  • I removed protect_from_forgery and it still deleted it. I put the km_log_event in the welcome action after if current_account.new? and that seems to make it work. However, I'd still like to know why the session var is being deleted. – Matthew Berman Feb 19 '12 at 20:01
  • how is the new session made? Does it erase existing? `current_account.user_sessions.create` looks suspicious. – Peter Ehrlich Feb 19 '12 at 22:32
  • 1
    the session var gets deleted before that line of code. Is there another way you suggest doing this? – Matthew Berman Feb 23 '12 at 20:35
  • can I see the current_account method? May it actually initializes itself when used in the condition, causing the session to reset – Peter Ehrlich Feb 23 '12 at 21:12
0

I think this is happening as you are trying to share session between subdomains. To achieve this you have to do some configuration.

Refer Subdomain Session Not Working in Rails 2.3 and Rails 3 on Heroku with/without a Custom Domain?

Community
  • 1
  • 1
DeathHammer
  • 650
  • 6
  • 11
  • great. I think this is what i was looking for. However, I don't want to store it between ALL subdomains (I think this will cause security issues since each account has their own subdomain) but rather I want to allow sessions to be carried on between signup.website.com and any subdomain.website.com but not between the individual account subdomains. how can I do that? – Matthew Berman Feb 25 '12 at 17:55