Search code examples
rubymerbmerb-auth

merb_auth_password_slice does not maintain the session


Having integrated merb_auth_password_slice as per the README, I can successfully login as redirect_after_login is being triggered, although session.authenticated? returns false.

Just trying the basic auth strategy for now (password form), can't seem to get it working, any ideas?

My init file:

require 'dm-validations'

dependencies "merb-more", "merb_helpers", "merb-slices", "merb_auth_password_slice"


Merb::BootLoader.before_app_loads do
  DataMapper.setup(:default, "sqlite3://config/dev.db")
end

Merb::BootLoader.after_app_loads do
    # have already done this
    # raise "You must specify a valid openid in Merb.root/config/open_id to use this example app" unless File.exists?(Merb.root / "config" / "open_id")
    # # DataMapper.auto_migrate!
    # User.create(:login => "admin", 
    #             :password => "password", :password_confirmation => "password", 
    #             :email => "[email protected]", 
    #             :identity_url => File.read(Merb.root / "config" / "open_id"))
end

Merb::Config.use do |c|
  c[:session_secret_key]  = 'my key'
  c[:session_store] = 'cookie'
end

Setup.rb

class Authentication

  def store_user(user)
    return nil unless user
    user.id
  end

  def fetch_user(session_info)
    User.get(session_info)
  end

end # Authentication

Solution

  •   # before(nil, :only => [:update, :destroy]) { session.abandon! }
    

    This is the culprit in the slice's session controller