views:

220

answers:

1

Hi Everyone,

I have a rails app with a mobile view using jqtouch. If the application is viewed on an iPhone application.mobile.erb loads in place of the default application.HTML.erb.

Everything works fine, except the login. Users can login and then view the content. However, they have to login everytime they load the site. Is there a way of making the iPhone store the credentials as a cookie or similar?

I have noticed that if I view the desktop version on my iPhone and login, my login credentials are stored so I don't have to login everytime. Once I switch over to the iPhone specific jqtouch version I have to login every time.

The difference is that on the desktop version I enter the login details directly into the login form I made, but on the iPhone jqtouch version a popup from the iPhone UI requests the login information.

The application uses the Restful Authentication plugin: http://github.com/technoweenie/restful-authentication

Thanks,

Danny

You can view the application on github:

www.github.com/dannyweb/baseapp2
+1  A: 

Disclaimer: I'm fairly new to RoR, so this is my best guess and may be totally off...

I noticed that in your app/views/dashboard you have index.html.erb and index.mobile.erb, so I'm assuming that you're using a .mobile suffix for getting your iPhone specific mobile pages.. In your lib/authenticated_system.rb, your access denied method is:

  def access_denied
      respond_to do |format|
        format.html do
          store_location
          redirect_to new_session_path
        end
        # format.any doesn't work in rails version < http://dev.rubyonrails.org/changeset/8987
        # you may want to change format.any to e.g. format.any(:js, :xml)
        format.any do
          request_http_basic_authentication 'Web Password'
        end
      end
    end

This method gets called whenever an unauthorized user tries to access content (see your authorized method to see what qualifies a user as authorized). This method responds to requests based on the format requested.. i.e. any .html requests hit the format.html do block. Since there's no format.mobile block, all .mobile requests end up hitting the format.any block. This results in the behavior you explained in your question:

The difference is that on the desktop version I enter the login details directly into the login form I made, but on the iPhone jqtouch version a popup from the iPhone UI requests the login information.

The other difference between the two is that format.html creates a session, while format.any only requests credentials and does not make a session.

Have you considered adding a format.mobile block to specify how the authentication system should handle .mobile requests so that a session is created (similar to the format.html block)? You could even try using the same request_http_basic_authentication method (so that the iPhone UI request the credentials), but then do something with the submitted credentials to create a session or cookie.

Again, I may be totally off base, but hopefully my answer does more help than harm!

hmasson4