I'm not sure why but my session gets wiped out every request.
This is my code
require 'rubygems'
require 'sinatra'
require 'sinatra/base'
require 'haml'
require 'facebook_oauth'
class MyClass < Sinatra::Base
set :logging, true
set :sessions, true
get "/auth/facebook_callback" do
// Do some facebook login which is fine
access_token = facebookClient.authorize(:code => params[:code])
session[:access_token] = access_token.token
session[:user] = facebookClient.me.info['name']
session[:id] = facebookClient.me.info["id"]
#print session by "pp session" I can still see all the sessions
redirect '/'
end
get '/' do
#print all the sessions again. And I can't see anything. The session_id is also different
end
end
To keep sessions consistent you need to set a session secret, e.g.:
set :session_secret, 'super secret'
When it's not set sinatra generates random one on application start and shotgun restarts application before every request.
Related
I'm trying to make a ruby class manage most of what's going on in my application, and I intend to manage its params through the erb with embeded Ruby Code. I picture it goes something like this, but it's obviously not working:
require 'sinatra'
require './models/questionaire_manager'
set :bind, '0.0.0.0'
set :port, ENV['PORT']
enable :sessions
set :session_secret, 'SecretString#!$%'
get '/' do
#questionaire=Questionaire_Manager.new 0
erb :index
end
post '/' do
session[:number]=params[:number]
redirect '/quiz'
end
get '/quiz' do
#questionaire.number=session[:number]
#questionaire.genQuestionaire
erb :quiz
end
post '/quiz' do
redirect'/results'
end
get '/results' do
#number=session[:number]
erb :results
end
I guess I should also say I can't get the hang of sessions and session params, and since Sinatra's page has been down for almost a week now, I really cannot check it out.
Try something like this maybe?
require 'sinatra'
require './models/questionaire_manager'
set :bind, '0.0.0.0'
set :port, ENV['PORT']
enable :sessions
set :session_secret, 'SecretString#!$%'
helpers do
def quiz_manager
#questionaire = session[:quiz_manager] ||= Questionaire_Manager.new 0
end
end
get '/' do
# Uncomment the line below if you intend to create a new quiz each time
# session[:quiz_manager] = nil
quiz_manager # Initializes the session variable
erb :index
end
post '/' do
quiz_manager.number = params[:number]
redirect '/quiz'
end
get '/quiz' do
quiz_manager.genQuestionaire
erb :quiz
end
post '/quiz' do
redirect '/results'
end
get '/results' do
#number = quiz_manager.number
erb :results
end
Edit:
To clarify what this is doing -- I've created a helper method called quiz_manager that initializes session[:quiz_manager] if it hasn't already been set - This will persist between routes. I'm also setting the class variable #questionnaire so that you can access it within your views.
I looked at the Sinatra docs and they only seem to reference HTTP authentication. I'm looking for a really simple way to control access to routes based on a user being authorised/authenticated via an LDAP server.
I've already built a class that does the LDAP bit and returns an LDAP object if the user has successfully authenticated and nil if they haven't:
>>DirectoryUser.authenticate('user', 'password')
#<DirectoryUser:0x007ffb589a2328>
I can use this to determine if they've successfully authenticated or not.
As a next step I want to splice this into a simple Sinatra app that provides a form to collect the LDAP user and password:
require 'directoryUser'
require 'sinatra'
enable :sessions
get '/form' do
username = params[:username]
password = params[:password]
haml :form
end
Then I want to only allow routes if the 'DirectoryUser' object exists:
get '/protected' do # Only if DirectoryUser object exists
"This route is protected"
end
get '/unprotected' do
"This route is unprotected"
end
I've spent hours trying to find an answer to this but so far and can't seem to find anything that works for me.
I'd probably go with something like this:
require 'directoryUser'
require 'sinatra'
enable :sessions
helpers do
def authorize!
redirect(to('/login')) unless session[:user_id]
end
end
get '/login' do
haml :login # with the login form
end
post '/login' do
user = DirectoryUser.authenticate(params[:username], params[:password])
if user
session[:user_id] = user.id
# Or: session[:logged_in] = true, depending on your needs.
redirect to('/protected')
else
redirect to('/login')
end
end
get '/protected' do
authorize!
'This route is protected'
end
get '/unprotected' do
'This route is unprotected'
end
I want to show flash messages using sinatra-redirect-with-flash gem.
Here's my ruby code:
require 'sinatra'
require 'sinatra/base'
require 'sinatra/flash'
require 'sinatra/redirect_with_flash'
require 'data_mapper'
require 'haml'
require 'builder'
# ...
class App < Sinatra::Base
enable :sessions
register Sinatra::Flash
helpers Sinatra::RedirectWithFlash
use Rack::MethodOverride
get '/' do
#notes = Note.all :order => :id.desc
#title = 'All TODOs'
if #notes.empty?
flash.now[:error] = 'No TODOs found. Add your first below.'
end
haml :home
end
post '/' do
n = Note.new
n.content = params[:content]
n.created_at = Time.now
n.updated_at = Time.now
if n.save
redirect '/', :notice => 'TODO saved successfully.'
else
redirect '/', :error => 'Failed to save TODO.'
end
end
# ...
end
And views/layout.haml is:
!!! 5
%html{:lang => "en"}
%head
%meta{:charset => "utf8"}
%body
%header
%hgroup
%h1
%a{:href => "/"}= SITE_TITLE
%h2= SITE_DESCRIPTION
#main
=styled_flash
=yield
After adding a TODO successfully, I expected to see the flash message 'TODO saved successfully.' on the home page. But no flash messages are shown after redirection when I run my app using shotgun. Flash messages are shown well when I run ruby app.rb or rackup.
How can I solve this problem?
Another problem is also happening when I run the app using shotgun. In get '/' method, if I use flash[:error] instead of flash.now[:error], the flash message doesn't show up on the page.
I am shadowning this tutorial, but I made some differences:
erb -> haml
Classic Sinatra app -> Subclassing Sinatra::Base
rack-flash -> sinatra-flash
You can browse whole codes here.
Thanks for any answers/comments.
The shotgun gem reloads Sinatra after every request. The README says:
Each time a request is received, it forks, loads the application in
the child process, processes the request, and exits the child process. The
result is clean, application-wide reloading of all source files and templates on
each request.
As a result, you will need some sort of mechanism to preserve state between requests that doesn't rely on data stored in each child process.
I have a Sintra app with a /health/api endpoint, described below, that gets called many times a second by my load balancers. I would like to remove the default logging for only this route, or conversely print to the logs only the endpoints I care about.
get '/health/api' do
# Health Check
'I keep quiet'
end
get '/members' do
# get members data
'This request gets logged'
end
You cannot configure the default Rack::CommonLogger to print only some requests, and keep quiet on others. But you can disable the default CommonLogger and use your own with filtering capabilities instead:
require 'rubygems'
require 'rack'
require 'sinatra'
LOGGING_BLACKLIST = ['/health/api']
class FilteredCommonLogger < Rack::CommonLogger
def call(env)
if filter_log(env)
# default CommonLogger behaviour: log and move on
super
else
# pass request to next component without logging
#app.call(env)
end
end
# return true if request should be logged
def filter_log(env)
!LOGGING_BLACKLIST.include?(env['PATH_INFO'])
end
end
disable :logging
use FilteredCommonLogger
get '/members' do
# get members data
'This request gets logged'
end
get '/health/api' do
# Health Check
'I keep quiet'
end
You can obviously also write your custom logger that only logs "whitelisted" requests.
The session is not preserved between requests, though I can't see what I'm doing wrong. Code!
require 'sinatra'
require 'rack/fiber_pool'
class SessionTest < Sinatra::Base
use Rack::FiberPool
enable :sessions
set :session_secret, "foobar"
get '/' do
body { session.inspect } #This is always '{}'!
end
get '/a' do
session['user'] = "bob"
redirect '/'
end
end
run SessionTest.new
Try this instead:
require 'sinatra'
require 'rack/fiber_pool'
class SessionTest < Sinatra::Base
enable :sessions
set :session_secret, "foobar"
get '/' do
body { session.inspect } #This is always '{}'!
end
get '/a' do
session['user'] = "bob"
redirect '/'
end
end
use Rack::FiberPool
run SessionTest.new
Otherwise Sinatra will set up the fiber pool after the session middleware, which doesn't work. This is not a bug but caused by the way Rack::FiberPool works.
Turns out replacing enable :sessions with use Rack::Session::Cookie is enough to make it work.
But why!?