【发布时间】:2017-06-13 19:41:42
【问题描述】:
我正在阅读 Michael Hartl 的 The Ruby on Rails 教程,第 8.3 章注销会话,但我不明白删除 session[:user_id] 如何也可以删除 @current_user:
这里是会话控制器:
class SessionsController < ApplicationController
def new
end
def create
user =User.find_by(email: params[:session][:email].downcase)
if user && user.authenticate(params[:session][:password])
log_in(user)
redirect_to user
else
#flash.now will only flash once - if a new request or view is rendered,the flash will go away now
flash.now[:danger] = 'Invalid email/password combination'
render 'new'
end
end
def destroy
log_out
redirect_to root_path
end
end
这里是登录和注销助手的 SessionsHelper:
module SessionsHelper
def log_in(user)
session[:user_id] = user.id
end
def current_user
#find the user if @user is not defined yet, or else, just keep the current user
#that way we dont have to do a database search every time current_user is called
@current_user ||= User.find_by(id: session[:user_id])
end
def logged_in?
!current_user.nil?
end
def log_out
session.delete(:user_id)
end
end
按照我的理解,一旦登录后定义了@current_user,即使session[:user_id] 已被删除,因为它被设置为自身,变量不应该仍然存在吗?
@current_user ||= User.find_by(id: session[:user_id])
据我所知,没有删除@current_user 变量的操作。但是当我在调试器中测试它时,我可以看到一旦有人注销,@current_user 就变成了nil。
谁能给我解释一下机制?
【问题讨论】:
标签: ruby-on-rails ruby session logout railstutorial.org