Authlogic HTTP Basic UserSession.find returns nil, means declarative_authorization can't get a current_user

Question

When using Authlogic's HTTP Basic auth, UserSession.find returns nil since the session appears not to be set. As a result, declarative_authorization, which references the usual current_user method (as below), can't find a current user.

def current_user_session return @current_user_session if defined?(@current_user_session) @current_user_session = UserSession.find end

def current_user return @current_user if defined?(@current_user) @current_user = current_user_session && current_user_session.record end

Is it possible to create a session when a user auths via HTTP basic (even though that session will only last until the request closes) or is there a better way of doing this?

Answer 1

Bumping this. I'm exactly having the same issue (with the same gems - authlogic + declarative_auth).

Found the solution for me, all i needed was to copy the following code to the end of the authorization_rules.rb

privileges do
  privilege :manage, :includes => [:create, :read, :update, :delete]
  privilege :read, :includes => [:index, :show]
  privilege :create, :includes => :new
  privilege :update, :includes => :edit
  privilege :delete, :includes => :destroy
end

Answer 2

Having fiddled with Devise, everything now seems to be working, as long as when using ActiveResource I do site = "http://user:password@domain", rather than:

site = "http://domain"
username = "user"
password = "password"

Which doesn't work. I havn't taken the time to dig into why.