views:

38

answers:

1

When logout is clicked I want to redirect back to the page the user was on unless that page requires a user to be logged in.

scenario 1 - "back" requires a user 1) User clicks logout from user account page 2) redirected (ultimately) to root_path

scenario 2 - "back" does not require a user 1) User clicks logout from (not user required) events page 2) redirected (ultimately) to events_path

It's been suggested I update my before_filter :require_use method to be something like this:

  def require_user
    unless current_user
      flash[:notice] = "You must be logged in to view this page"
      redirect_to user_coming_from_logout_method? root_path : login_path
    end 
  end 

Except I've been unable to define #user_coming_from_logout_method?

One might think that it is simply:

request.referrer == "/logout"

But in the above example request.referrer actually == "/user_account", not the intermediate logout method. Very weird, I know.

Suggestions?

A: 

I don't think you can rely on the browser to set the referrer on a redirect. This thread discusses that issue in some detail.

Maybe set something in session in the logout controller, which you test for and then clear in the require_user method?

zetetic
dont think this would work for scenario 2 -- in that case the user never hits the #require_user method and therefore this session thing would never be cleared. It'd be left dangling and probably result in something unexpected down the line.
crankharder
..unless you also have a `require_no_user` method?
zetetic
doesn't that imply that every method must either require_user or require_no_user? that's not the case. I suppose I could add an after_filter to clear the session thing -- that's epic overkill though.
crankharder
Good point... it's not quite as simple a problem as it appears at first glance
zetetic
I try .........
crankharder