I've got a Rails 3.2.8 app using Sorcery for authentication. Sorcery provides a current_user method, pretty standard stuff.
My app has subscriptions, they work pretty much in the standard resourceful way. Here's the abridged version of the controller:
class SubscriptionsController < ApplicationController
before_filter :require_login
force_ssl
def show
@subscription = SubscriptionPresenter.new( current_user )
end
def create
handler = StripeHandler.new( current_user )
...
end
def destroy
handler = StripeHandler.new( current_user )
...
end
end
The #show action works fine, current_user loads. However, right now #create does not work, because current_user ends up being nil in that action.
So, why is current_user nil when a logged in user posts to this action? My guess is something about the way sessions work over SSL, but I don't know what I'm missing here...
I figured this out. It turns out that I was actually getting a silent exception in a 3rd-party library that I was interacting with, and that exception was causing an 'unauthorized' request which logged the user out. After patching that it turns out there was nothing wrong with my controller specifically. Thanks for the pointers, all.