No session model. How can I create specific errors about why the submission of the form was unsuccessful, except that you noticed a general notice of rejection?
Recall from Section 7.3.3 that we displayed registration errors using user model error messages. These errors are related to a specific Active Record object, but this strategy does not work here because the session is not an Active Record model. Instead, place the message in a flash well to display when login fails. Rails Tutorial
controller
class SessionsController < ApplicationController def new end def create user = User.find_by(email: params[:session][:email].downcase) if user && user.authenticate(params[:session][:password]) if user.activated? log_in user params[:session][:remember_me] == '1' ? remember(user) : forget(user) redirect_back_or user else message = "Account not activated. " message += "Check your email for the activation link." flash[:warning] = message redirect_to root_url end else flash.now[:danger] = 'Invalid email/password combination' render 'new' end end
The form
<%= form_for(:session, url: login_path) do |f| %> <%= f.label :email %> <%= f.email_field :email, class: 'form-control' %> <%= f.label :password %> <%= f.password_field :password, class: 'form-control' %> <%= f.submit "Sign in", class: "btn btn-primary sessions" %> <% end %>
Parameters are passed as:
POST "/ login" was launched for 68.204.49.62 on 2016-09-06 17:33:59 +0000 2016-09-06T17: 33: 59.165393 + 00: 00 app [web.1]: Parameters: {"utf8" = > "✓", "authenticity_token" => "DhKuJCjbeVgBOsQiujgd34540Vk3i5ouRFpAm8JnU9ZKWlMZhxN7VPnWJrfuuKmgFNTvsDfJ" = ">"> "="> Email> = ">> =" = "Email> =" Email> = "=} "0"}, "commit" => "Login"}
Edit: So, I was thinking about this?
def create user = User.find_by(email: params[:session][:email].downcase) if user if user.authenticate(params[:session][:password]) if user.activated? log_in user params[:session][:remember_me] == '1' ? remember(user) : forget(user) flash.now[:success] = "Great job dude!" redirect_back_or user elsif !user.activated? message = "Account not activated. " message += "Check your email for the activation link." flash[:warning] = message redirect_to root_url else flash.now[:danger] = "Something went wrong, please try again." render 'new' end elsif !user.authenticate(params[:session][:password]) flash.now[:danger] = "Incorrect password." render 'new' else flash.now[:danger] = "Something went wrong. Please try again." render 'new' end elsif !user flash.now[:danger] = 'Incorrect email' render 'new' else flash.now[:danger] = "Something went wrong, please try again or contact support." render 'new' end end
This works from trial / error testing, but does not look perfect / dry.
source share