[Radiant] Extensions and sessions

Sun, 22 Jul 2007 05:16:30 -0700 

I'm creating a Radiant extensions to secure some pages in a website,  
preventing it from opening without a valid login. To achieve this, I  
added a before filter to the site controller and created a special  
LoginPage type. If a user is not logged in and tries to enter a  
secured page, it will be redirected to a page of type LoginPage and  
prompted for an e-mailaddress and password. So far, so good.

The next step is to store the login information in the session, but  
it seems that sessions won't work. This is my code:

class LoginPage < Page

   description %{
     A login screen for secure pages
   }

   attr_reader :login_error

   @login_error = false

   def process(request, response)
     debugger
     if request.post?
       # If the login is successfull, set the session and redirect to  
the return_url or homepage
       if response.session[:website_user_id] =  
WebsiteUser.authenticate(request.parameters[:login][:email],  
request.parameters[:login][:password])
         response.redirect request.session[:return_url] || '/'
       else
         @login_error = true
         super(request, response)
       end
     else
       super(request, response)
     end
   end

   def cache?
     false
   end

   # ... Some special login tags ...

end

As you can see, it should store the website_user_id inside the  
response.session. Unfortunately this doesn't work.

I enabled session support for the SiteController and tried storing  
other information in the session from several places in the code.  
Even from a normal action inside the SiteController, sessions won't  
get stored. The weird thing is, that sessions do work once I try to  
login at the backend, but the session information from the backend is  
again not available in the frontend.

I looked through all the Radiant code, disabled some parts (like the  
LoginSystem), but can't find any cause of the weird session  
behaviour. What am I doing wrong?

The full code of my extension can be found at Google Code: http:// 
code.google.com/p/secure-pages/

Regards,

Edwin Vlieg
_______________________________________________
Radiant mailing list
Post:   [email protected]
Search: http://radiantcms.org/mailing-list/search/
Site:   http://lists.radiantcms.org/mailman/listinfo/radiant

Reply via email to