Hi,
Can anyone confirm what config exactly is required to make the one time password (persistence_token) work?
From what I can work out so far it is the following, however this isn't working for me so I must be wrong:
- pass an additional URL parameter of "user_credentials=xxxxpersistence_tokenxxxx"
- question - are there any other URL parameters required beyond this? any user id or username?
- have the persistence_token field in my database table (which it is and I can see it populated)
- have "acts _as _authentic " in my user model per normal
- question: is "acts _as _authentic " required in each of my own models?
When I enter a URL in the browser directly to one of my own model resources following the above I see in the logs:
(a) initial request - Redirected to http://localhost:3000/user%5Fsession/new
(b) and then for this redirect:
Processing UserSessionsController#new (for 127.0.0.1 at 2009-12-03
06:14:24) [GET]
Parameters: {"action"=>"new", "controller"=>"user_sessions"}
User Columns (3.4ms) SHOW FIELDS FROM `users`
User Indexes (0.9ms) SHOW KEYS FROM `users`
Rendering template within layouts/application
Rendering user_sessions/new
SQL (0.6ms) SELECT count(*) AS count_all FROM `users` WHERE
(last_request_at > '2009-12-02 20:04:24')
Completed in 182ms (View: 151, DB: 5) | 200 OK [http://localhost/
user_session/new]
(c) But then the web-page ends up on the login page, and not automatically on the page I was after - i.e. I was expecting that the one-time password would allow AuthLogic to automatically do the session and then authentication?
Thanks
PS. Wonder if it related to this authlogic code I found in params.rb
def single_access_allowed_request_types(value = nil)
rw_config(:single_access_allowed_request_types, value, ["application/rss+xml", "application/atom+xml"])
end