By the way, my best theory on why this is happening on one box but not the other is that the dev box went through intermediate steps like running with login_engine successfully before adding user_engine and making the prescribed changes. On the dev system because I'd been running login_engine for a couple of days already so when I brought things up to user_engine I had several working users already and my initial user setup didn't have to rely on user_engine's authorize_action.
Steve Koppelman wrote: > Since the Engines seem to be more actively maintained than the generator > I'd been using, I switched over and got everything working on my > development system. When I ran into a problem with changing passwords, I > checked this list and found the thread about applying the before_filter > as a mixin to my user_controller because I don't apply a filter to my > public controller, and I did the same for the roles controller and > everything seemed to work perfectly. > > Then I used Switchtower to transfer my latest build to my production > box. I migrated both engines, did a successful bootstrap, checked to > nsee that the tables were all properly populated, checked to see the > admin user was created with a good email address, and restarted Apache. > My unprotected controllers worked perfectly fine, so it's not a problem > with the app running. > > But the protected controllers? No dice. I delete my sessions in /tmp. I > do an explicit /user/logout. Whatever I do on protected controllers, I > get an endless loop of /user/login, using the "admin/testing" login/pw. > > Clicking "forgot password" gets me the same error as the post re: > login_engine of a couple of weeks ago: the error related to the nil user > when trying to display the flash. > > Again, on my dev box in dev environment I have no problems. When not > logged in, attempting to access a protected controller propmpts for > login, login works, and life proceeds as normal. Logging out, confirming > I'm logged out by trying to access a protected controller, and then > clicking the change_password link works like it's supposed to, from the > email to the token-based login to the new-password page. > > And unlike some recent posters, I'm not doing crazy things with routes. > Nothing interferes with the /user/ URI namespace. > > I have no idea why this is working in dev but not production. > > Here's what I've got at the top of each of my protected controllers, as > well as in otherwise empty mixin user and role controllers: > > before_filter :authorize_action > > I do not have this in application.rb because I have a controller that at > present doesn't require login. > > Thanks. -- Posted via http://www.ruby-forum.com/. _______________________________________________ engine-users mailing list [email protected] http://lists.rails-engines.org/listinfo.cgi/engine-users-rails-engines.org
