views:

32

answers:

1

I have additional variables I add to an authlogic users session like:

session[:current_profile] = extra_id

I currently destroy these on logout in a controller like:

session[:current_profile] = nil

I'd like to clean this up and destroy them in the session model in the after_destroy method like:

def after_destroy
   session[:current_profile] = nil
end

This session method doesn't seem to be callable from the models though. Any idea how to destroy a session variable from a model?

Thanks!

+2  A: 

You're really not supposed to alter things in the Controller space from the Model space, which is to say, a Model should not be controlling a Controller. Models should be able to run independently of a controller, such as in unit tests where no controller is present.

While you might be able to wrangle this sort of thing with an Observer, I don't know of an easy way to do this. It's probably better to have the controller perform all the required actions directly.

If you put an after_destroy hook like this in you will have some serious side-effects if, for example, a user logged in as an admin destroys another user account and then their session profile suddenly disappears.

tadman
It seems more logical to me to handle the session deletion stuff in the models, but I guess this isn't convention. In my case it would actually be worse if I forgot to destroy this extra session data and that's why I was trying to tie it to the after_destroy. Thanks for the feedback though!
bandhunt
At first a lot of things seem logical if done one way, but then you end up spending a ton of time trying to mitigate side-effects and it ends up being more complicated in the end. Hiding magical features in your before and after triggers can make a program very hard to debug if you later have issues. Better to expose them in the controller where the series of events is made clear, even at the expense of some minor redundancy.
tadman