Search code examples
ruby-on-railssorcery

Sorcery Simple Login with username


I'm working on a blog website written in RoR and got stuck on a problem with Sorcery. I did the tutorial from their documentation to create the simple login. My problem is, that they use email to identify the user at the login.

So I tried to modify my session controller to send the username as parameter instead of email and modified my view accordingly.

The log says that everything works fine and the username and password is passed to the database. But, and I can't find a solution to that, the SQL string that's generated still uses "authors"."email" as parameter.

How can I fix that?

My log:

Processing by AuthorSessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"ForXjJMiPCI6H37xqtPzGwa9XBOHx1yIaGjlZdUd6Iw+G4M5v6s/JXrFcGG5VVyuFl6Is+cr5Zp/fxJcNyS/Tw==", "username"=>"Test", "password"=>"[FILTERED]", "commit"=>"Login"}
Author Load (0.5ms)  SELECT  "authors".* FROM "authors" WHERE "authors"."email" = 'Test' ORDER BY "authors"."id" ASC LIMIT ?  [["LIMIT", 1]]
Rendering author_sessions/new.html.erb within layouts/application
Rendered author_sessions/new.html.erb within layouts/application (2.4ms)
Completed 200 OK in 63ms (Views: 49.6ms | ActiveRecord: 2.5ms)

My session controller:

class AuthorSessionsController < ApplicationController
  def new
  end

  def create
    if login(params[:username], params[:password])
      redirect_back_or_to(articles_path, notice: 'Logged in successfully.')
    else
      flash.alert = 'Login failed.'
      render action: :new
    end
  end

  def destroy
    logout
    redirect_to(articles_path, notice: 'Logged out!')
  end
end

My new.html.erb

<h1>Login</h1>

<%= form_tag author_sessions_path, method: :post do %>
<div class="field">
  <%= label_tag :username %>
  <%= text_field_tag :username %>
  <br>
</div>
<div class="field">
  <%= label_tag :password %>
  <%= password_field_tag :password %>
  <br>
</div>
<div class="actions">
  <%= submit_tag 'Login' %>
</div>
<% end %>

<%= link_to 'Back', articles_path %>

Solution

  • I did encounter the same problem, and the following helped: - when installing sorcery (rails g sorcery:install) in the migration file change the :email to :username so it would look like this

        class SorceryCore < ActiveRecord::Migration[5.0]
          def change
            create_table :users do |t|
              t.string :username,            :null => false
              t.string :crypted_password
              t.string :salt
    
              t.timestamps                :null => false
            end
    
            add_index :users, :username, unique: true
          end
        end
    
    • then rake db:migrate so I had a user model
    • I saw you made the users_sessions already, so lets skip the rails generate controller UserSessions new create destroy and populating the views part
    • in my users_sessions_controller.rb file at the create action I also call login(params[:username], params[:password]), which is a sorcery method and by default it takes :email as a username_attribute
    • to change that to :username, I went to the /config/initializers/sorcery.rb and found a config.user_config do |user| line (around line 188), and added user.username_attribute_names = [:username] to it, so instead of the email, it would take username.

    This solved it for me. Don't forget to change the :email to :username everywhere you use it.