Currently I am working on sample web application. In this application, user can sign up via JSON API as well as from browser.
For JSON API authentication I have used gem devise_token_auth https://github.com/lynndylanhurley/devise_token_auth and it is working fine. I am able to sign up via API.
But now I have to provide sign up functionality from the web browser.
(URL: http://localhost:3000/auth/sign_up) getting following error
The action 'new' could not be found for DeviseTokenAuth::RegistrationsController
So how can I allow sign up from the web browser.
Here is my routes.rb file
Rails.application.routes.draw do
mount_devise_token_auth_for 'User', at: 'auth'
end
Generated routes
Prefix Verb URI Pattern Controller#Action
new_user_session GET /auth/sign_in(.:format) devise_token_auth/sessions#new
user_session POST /auth/sign_in(.:format) devise_token_auth/sessions#create
destroy_user_session DELETE /auth/sign_out(.:format) devise_token_auth/sessions#destroy
new_user_password GET /auth/password/new(.:format) devise_token_auth/passwords#new
edit_user_password GET /auth/password/edit(.:format) devise_token_auth/passwords#edit
user_password PATCH /auth/password(.:format) devise_token_auth/passwords#update
PUT /auth/password(.:format) devise_token_auth/passwords#update
POST /auth/password(.:format) devise_token_auth/passwords#create
cancel_user_registration GET /auth/cancel(.:format) devise_token_auth/registrations#cancel
new_user_registration GET /auth/sign_up(.:format) devise_token_auth/registrations#new
edit_user_registration GET /auth/edit(.:format) devise_token_auth/registrations#edit
user_registration PATCH /auth(.:format) devise_token_auth/registrations#update
PUT /auth(.:format) devise_token_auth/registrations#update
DELETE /auth(.:format) devise_token_auth/registrations#destroy
POST /auth(.:format) devise_token_auth/registrations#create
auth_validate_token GET /auth/validate_token(.:format) devise_token_auth/token_validations#validate_token
auth_failure GET /auth/failure(.:format) devise_token_auth/omniauth_callbacks#omniauth_failure
GET /auth/:provider/callback(.:format) devise_token_auth/omniauth_callbacks#omniauth_success
GET|POST /omniauth/:provider/callback(.:format) devise_token_auth/omniauth_callbacks#redirect_callbacks
omniauth_failure GET|POST /omniauth/failure(.:format) devise_token_auth/omniauth_callbacks#omniauth_failure
GET /auth/:provider(.:format) redirect(301)
Do I have to add separate devise here. Please let me know your thoughts.
Best way to achieve this will be to mount normal devise routes to one scope, and API devise_token_auth routes to separate scope.
Rails.application.routes.draw do
# standard devise routes at /users
devise_for :users
# token auth routes available at /api/auth/
namespace :api, defaults: { format: :json } do
scope module: :v1 do
mount_devise_token_auth_for 'User', at: 'auth'
end
end
end
new_user_registration GET /auth/sign_up(.:format) devise_token_auth/registrations#new
which does not lead to anything, because in the GEM controller devise_token_auth/registrations_controller there is no new action.
1 - change the routing so that the http GET request is rooted to your controller#new action.
2 - create the controller#new action
3 - have the form in new.html.erb call the following action
POST /auth(.:format) devise_token_auth/registrations#create
4 - To create a user, you just need to make an HTTP POST request to the following URL
POST /auth(.:format) devise_token_auth/registrations#create
with the parameters that you need to pass to this controller action
def create
#resource = resource_class.new(sign_up_params)
#resource.provider = "email"
# honor devise configuration for case_insensitive_keys
if resource_class.case_insensitive_keys.include?(:email)
#resource.email = sign_up_params[:email].try :downcase
else
#resource.email = sign_up_params[:email]
end
# give redirect value from params priority
#redirect_url = params[:confirm_success_url]
# fall back to default value if provided
#redirect_url ||= DeviseTokenAuth.default_confirm_success_url
# success redirect url is required
if resource_class.devise_modules.include?(:confirmable) && !#redirect_url
return render_create_error_missing_confirm_success_url
end
# if whitelist is set, validate redirect_url against whitelist
if DeviseTokenAuth.redirect_whitelist
unless DeviseTokenAuth::Url.whitelisted?(#redirect_url)
return render_create_error_redirect_url_not_allowed
end
end
begin
# override email confirmation, must be sent manually from ctrl
resource_class.set_callback("create", :after, :send_on_create_confirmation_instructions)
resource_class.skip_callback("create", :after, :send_on_create_confirmation_instructions)
if #resource.save
yield #resource if block_given?
unless #resource.confirmed?
# user will require email authentication
#resource.send_confirmation_instructions({
client_config: params[:config_name],
redirect_url: #redirect_url
})
else
# email auth has been bypassed, authenticate user
#client_id = SecureRandom.urlsafe_base64(nil, false)
#token = SecureRandom.urlsafe_base64(nil, false)
#resource.tokens[#client_id] = {
token: BCrypt::Password.create(#token),
expiry: (Time.now + DeviseTokenAuth.token_lifespan).to_i
}
#resource.save!
update_auth_header
end
render_create_success
else
clean_up_passwords #resource
render_create_error
end
rescue ActiveRecord::RecordNotUnique
clean_up_passwords #resource
render_create_error_email_already_exists
end
end
This way the user will be created, but it is not a good approach. You are using an api when you should just be using devise
Related
I'm trying to allow my users to login with their Google accounts using devise, omniauth and devise-token-auth. To do so I have added the following code to the rails API-only boilerplate.
# Gemfile
...
# authentication
gem 'devise', '~> 4.7'
gem 'devise_token_auth', git: 'https://github.com/lynndylanhurley/devise_token_auth'
gem 'omniauth', '~> 1.9.1'
gem 'omniauth-google-oauth2
...
# config/initializers/omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET']
end
# config/routes.rb
Rails.application.routes.draw do
root 'application#home'
mount_devise_token_auth_for 'User', at: 'auth'
end
For the frontend I use j-toker and have set it up as follows
Auth.configure({
apiUrl: `http://localhost:8000/`,
authProviderPaths: {
google: `/auth/google_oauth2`,
},
});
When the user clicks on the login with google button I then call
Auth.oAuthSignIn({ provider: `google` }).then(() => {
// handle result
});
The Issue: When the user clicks on the login button, a new tab opens up with the rails error message No route matches [GET] "/omniauth/google_oauth2"
It seems like /auth/google_oauth2 redirects to /omniauth/google_oauth2 but the /omniauth/:provider path doesn't exist
The output of rails routes is as follows:
Prefix Verb URI Pattern Controller#Action
root GET / application#home
new_user_session GET /auth/sign_in(.:format) devise_token_auth/sessions#new
user_session POST /auth/sign_in(.:format) devise_token_auth/sessions#create
destroy_user_session DELETE /auth/sign_out(.:format) devise_token_auth/sessions#destroy
new_user_password GET /auth/password/new(.:format) devise_token_auth/passwords#new
edit_user_password GET /auth/password/edit(.:format) devise_token_auth/passwords#edit
user_password PATCH /auth/password(.:format) devise_token_auth/passwords#update
PUT /auth/password(.:format) devise_token_auth/passwords#update
POST /auth/password(.:format) devise_token_auth/passwords#create
cancel_user_registration GET /auth/cancel(.:format) devise_token_auth/registrations#cancel
new_user_registration GET /auth/sign_up(.:format) devise_token_auth/registrations#new
edit_user_registration GET /auth/edit(.:format) devise_token_auth/registrations#edit
user_registration PATCH /auth(.:format) devise_token_auth/registrations#update
PUT /auth(.:format) devise_token_auth/registrations#update
DELETE /auth(.:format) devise_token_auth/registrations#destroy
POST /auth(.:format) devise_token_auth/registrations#create
auth_validate_token GET /auth/validate_token(.:format) devise_token_auth/token_validations#validate_token
auth_failure GET /auth/failure(.:format) users/omniauth_callbacks#omniauth_failure
GET /auth/:provider/callback(.:format) users/omniauth_callbacks#omniauth_success
GET|POST /omniauth/:provider/callback(.:format) users/omniauth_callbacks#redirect_callbacks
omniauth_failure GET|POST /omniauth/failure(.:format) users/omniauth_callbacks#omniauth_failure
GET /auth/:provider(.:format) redirect(301)
As you can see the /omniauth/:provider route doesn't even exist... Any idea what the Issue is?
Placing OmniAuth.config.allowed_request_methods = [:get] in the omniauth initializer fixed this issue for me.
Like this:
Rails.application.config.middleware.use OmniAuth::Builder do
OmniAuth.config.allowed_request_methods = [:get]
provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET']
end
However, it must be noted that allowing GET requests gives the following warning:
You are using GET as an allowed request method for OmniAuth. This may leave
you open to CSRF attacks. As of v2.0.0, OmniAuth by default allows only POST
to its own routes. You should review the following resources to guide your
mitigation:
https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284
https://github.com/omniauth/omniauth/issues/960
https://nvd.nist.gov/vuln/detail/CVE-2015-9284
https://github.com/omniauth/omniauth/pull/809
You can ignore this warning by setting:
OmniAuth.config.silence_get_warning = true
So its probably best to only allow POST requests
I am trying to implement "Forgot Password" functionality using "devise_token_auth" in Rails 5 api, in which I have carried out the following steps:
Hit the "localhost:3000/auth/password" with registered users email, redirect_url as parameters. I got the email as well.
When clicking the "change my password" link in the mail, it redirects to "localhost:3000/api/auth/password/edit/..." instead of "localhost:3000/auth/password/edit/..."
My reset_password_instructions.html.erb is as follows:
<p><%= t(:hello).capitalize %> <%= #resource.email %>!</p>
<p><%= t '.request_reset_link_msg' %></p>
<p><%= link_to t('.password_change_link'), edit_password_url(#resource, reset_password_token: #token, config: message['client-config'].to_s, redirect_url: message['redirect-url'].to_s).html_safe %></p>
<p><%= t '.ignore_mail_msg' %></p>
<p><%= t '.no_changes_msg' %></p>
I am not able to figure out how "edit_password_url" resolves to "localhost:3000/api/auth/password/edit/..." instead of "localhost:3000/auth/password/edit/...". Could anyone be able to help me here?
Note: In development.rb, I have config.action_controller.default_url_options = { host: 'localhost:3000' }
UPDATE:
Routes.rb
Rails.application.routes.draw do
#.....
resources :employee_contact_infos
resources :employee_work_infos
mount_devise_token_auth_for 'User', at: 'auth'
# get '/api' => redirect('/swagger/dist/index.html?url=/apidocs/api-docs.json')
# For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
get '/industry_sectors' => 'drop_down_values#industry_sector_list'
get '/currencies' => 'drop_down_values#currency'
#...
namespace :employees do
end
end
rake routes output for devise_token_auth:
new_user_session GET /auth/sign_in(.:format) devise_token_auth/sessions#new
user_session POST /auth/sign_in(.:format) devise_token_auth/sessions#create
destroy_user_session DELETE /auth/sign_out(.:format) devise_token_auth/sessions#destroy
new_user_password GET /auth/password/new(.:format) devise_token_auth/passwords#new
edit_user_password GET /auth/password/edit(.:format) devise_token_auth/passwords#edit
user_password PATCH /auth/password(.:format) devise_token_auth/passwords#update
PUT /auth/password(.:format) devise_token_auth/passwords#update
POST /auth/password(.:format) devise_token_auth/passwords#create
cancel_user_registration GET /auth/cancel(.:format) devise_token_auth/registrations#cancel
new_user_registration GET /auth/sign_up(.:format) devise_token_auth/registrations#new
edit_user_registration GET /auth/edit(.:format) devise_token_auth/registrations#edit
user_registration PATCH /auth(.:format) devise_token_auth/registrations#update
PUT /auth(.:format) devise_token_auth/registrations#update
DELETE /auth(.:format) devise_token_auth/registrations#destroy
POST /auth(.:format) devise_token_auth/registrations#create
auth_validate_token GET /auth/validate_token(.:format) devise_token_auth/token_validations#validate_token
Swagger_docs.rb
class Swagger::Docs::Config
def self.base_api_controller; ApplicationController end
def self.transform_path(path, api_version)
# Make a distinction between the APIs and API documentation paths.
"#{path}"
end
Swagger::Docs::Config.register_apis({
'1.0' => {
controller_base_path: '',
api_file_path: 'public/apidocs',
base_path: 'http://localhost:3000',
clean_directory: true
}
})
end
The generated link gets changed if any configuration for relative url root has been set.
Can you check if you have defined in any configuration to set the relative url root as below:
config.relative_url_root = "/api"
Let's assume you want to deploy your application to "/app1". Rails needs to know this directory to generate the appropriate routes.
config.relative_url_root = "/app1"
alternatively you can set the RAILS_RELATIVE_URL_ROOT environment variable.
Rails will now prepend "/app1" when generating links
Check - https://guides.rubyonrails.org/configuring.html#deploy-to-a-subdirectory-relative-url-root
I have user model for authorization with devise gem. I want to add after_sign_in_path method:
# application_controller.rb
protected
# redirecting to appropriate url based on role
def after_sign_in_path_for(resource)
if current_user.has_role?(:admin)
dashboard_path
elsif current_user.has_role?(:student)
root_path
end
end
Whenever I try to sign in I get this error:
undefined method `user_url' for #<Devise::SessionsController:0x007fb89b5b00a8> Did you mean? course_url
I don't know why it says 'did you mean? course_url. But I have course model. And here are my routes:
authenticate :user do
resources :feeds, only: [:index]
resources :courses, only: [:index, :show]
# etc...
end
Also here is the code it points me:
if options.empty?
recipient.send(method, *args)
else
recipient.send(method, *args, options)
end
and first line of log:
actionpack (4.2.4) lib/action_dispatch/routing/polymorphic_routes.rb:220:in `polymorphic_method'
Whenever I commend after_sign_in_path_for I am able to sign in. If I comment contents of after_sign_in_path_for but leave empty after_sign_in_path_for method, I also get this error.
EDIT: I tested that I am not also signed in, not just not redirected. I think error happens right in the call after_sign_in_path_for, not in the redirect_to or whatever. Probably it has to do something with resource.
EDIT2: here are my rake routes:
new_user_session GET /users/sign_in(.:format) devise/sessions#new
user_session POST /users/sign_in(.:format) devise/sessions#create
destroy_user_session DELETE /users/sign_out(.:format) devise/sessions#destroy
user_password POST /users/password(.:format) devise/passwords#create
new_user_password GET /users/password/new(.:format) devise/passwords#new
edit_user_password GET /users/password/edit(.:format) devise/passwords#edit
PATCH /users/password(.:format) devise/passwords#update
PUT /users/password(.:format) devise/passwords#update
cancel_user_registration GET /users/cancel(.:format) registrations#cancel
user_registration POST /users(.:format) registrations#create
new_user_registration GET /users/sign_up(.:format) registrations#new
edit_user_registration GET /users/edit(.:format) registrations#edit
PATCH /users(.:format) registrations#update
PUT /users(.:format) registrations#update
DELETE /users(.:format) registrations#destroy
user_confirmation POST /users/confirmation(.:format) devise/confirmations#create
new_user_confirmation GET /users/confirmation/new(.:format) devise/confirmations#new
GET /users/confirmation(.:format) devise/confirmations#show
admin_root GET / rails_admin/main#dashboard
student_root GET / feeds#index
feeds GET /feeds(.:format) feeds#index
courses GET /courses(.:format) courses#index
course GET /courses/:id(.:format) courses#show
schools GET /schools(.:format) schools#index
school GET /schools/:id(.:format) schools#show
universities GET /universities(.:format) universities#index
university GET /universities/:id(.:format) universities#show
rails_admin /admin RailsAdmin::Engine
POST /graphql(.:format) graphql#create
landing_confirmation GET /landing/confirmation(.:format) landing#confirmation
landing_access_denied GET /landing/access_denied(.:format) landing#access_denied
root GET / landing#index
EDIT3: here is my github repo:
https://github.com/yerassyl/nurate
I had the same issue (Rails 7). I fixed it this way:
Add :turbo_stream as a navigational format. This line goes in config/initializers/devise.rb.
config.navigational_formats = ['*/*', :html, :turbo_stream]
Devise issue github
This error is thrown when the after_sign_in_path_for method is redefined in your app and returns nil value. As per my best guest, the provided snippet
def after_sign_in_path_for(resource)
if current_user.has_role?(:admin)
dashboard_path
elsif current_user.has_role?(:student)
root_path
end
end
is giving an error because none of the conditions are getting satisfied and hence the returned value is nil. To avoid such a case, you can always add an else condition which would get satisfied if no other does. Hence the below snippet should have worked (and will work for other users)
def after_sign_in_path_for(resource)
if current_user.has_role?(:admin)
dashboard_path
elsif current_user.has_role?(:student)
root_path
else
some_other_path || root_path
end
end
Hope this helps someone. Cheers :)
In config/devise.rb include this line:
config.navigational_formats = ['/', :html, :turbo_stream]
before rails s
This has done the trick for me.
def after_sign_in_path_for(resource)
if current_user.has_role?(:admin)
dashboard_path
elsif current_user.has_role?(:student)
root_path
else
root_path
end
end
Try to add a else condition in your code. This worked for me. I missed something like this.
If you have the same error with Devise::RegistrationsController, the answers of Jishnu and antoniolulee also works fine.
You have to uncomment in config/initializers/devise.rb line says
config.navigational_formats = ['*/*', :html]
and add :turbo_stream like this
config.navigational_formats = ['*/*', :html, :turbo_stream]
Make sure you've got a method on your AplicationController like follows
def after_sign_in_path_for(resource)
resource.next_step
end
Next_step is an attribute stored in the record during its creation, you may decide to hard code here some other path.
I am using Devise auth token gem for authenticating some parts of my rails app. But when I try to create a new user with the registration path, it is giving me the following error{"errors":["Authorized users only."]}.
Here is the rspec code that I am using for the test,
it 'creates a user using email/password combo' do
post api_user_registration_path, { email: 'xxx', password: 'yyy',password_confirmation: 'yyy'}
puts last_response.body
expect(last_response.body).not_to have_content('error')
end
Additional info: the model name is 'User' and the routes looks like,
namespace :api do
scope :v1 do
mount_devise_token_auth_for 'User', at: 'auth'
end
end
I understand that the devise is expecting the user to be authenticated before accessing this path, but this being the user registration, it needs to be outside the authentication. Can you suggest a solution for this? Is there any configuration that I am missing here?
Try with:
namespace :api do
namespace :v1 do
mount_devise_token_auth_for 'User', at: '/auth'
end
end
This will create the following routes:
new_api_v1_user_session GET /api/v1/auth/sign_in(.:format) devise_token_auth/sessions#new
api_v1_user_session POST /api/v1/auth/sign_in(.:format) devise_token_auth/sessions#create
destroy_api_v1_user_session DELETE /api/v1/auth/sign_out(.:format) devise_token_auth/sessions#destroy
api_v1_user_password POST /api/v1/auth/password(.:format) devise_token_auth/passwords#create
new_api_v1_user_password GET /api/v1/auth/password/new(.:format) devise_token_auth/passwords#new
edit_api_v1_user_password GET /api/v1/auth/password/edit(.:format) devise_token_auth/passwords#edit
PATCH /api/v1/auth/password(.:format) devise_token_auth/passwords#update
PUT /api/v1/auth/password(.:format) devise_token_auth/passwords#update
cancel_api_v1_user_registration GET /api/v1/auth/cancel(.:format) devise_token_auth/registrations#cancel
api_v1_user_registration POST /api/v1/auth(.:format) devise_token_auth/registrations#create
new_api_v1_user_registration GET /api/v1/auth/sign_up(.:format) devise_token_auth/registrations#new
edit_api_v1_user_registration GET /api/v1/auth/edit(.:format) devise_token_auth/registrations#edit
PATCH /api/v1/auth(.:format) devise_token_auth/registrations#update
PUT /api/v1/auth(.:format) devise_token_auth/registrations#update
DELETE /api/v1/auth(.:format) devise_token_auth/registrations#destroy
api_v1_auth_validate_token GET /api/v1/auth/validate_token(.:format) devise_token_auth/token_validations#validate_token
Also create an controller in app/controllers/api/v1/api_base_controller.rb
class Api::V1::BaseApiController < ActionController::Base
include DeviseTokenAuth::Concerns::SetUserByToken
end
Also add to your file app/controllers/application_controller.rb
before_action :configure_permitted_parameters, if: :devise_controller?
Environment: RAILS 3.2 + DEVISE for auth + Invitable + Confirmable add-ons.
Using devise (2.2.3)
Using devise-i18n (0.6.5)
Using devise_invitable (1.0.3)
I am trying to redirect to a specific location after ACCEPT (TO SIGN UP), but only after_sign_in_path_for seems to be called after SIGN IN and ACCEPT.
I haven't been able to have after_accept_path_for working.
It continues to redirect to the "after sign in" location.
HERE THE CODE
In my routes.rb:
devise_for :users,
:controllers => { :registrations => 'registrations', :invitations => 'invitations' }
rake routes give me this:
new_user_session GET /users/sign_in(.:format) devise/sessions#new
user_session POST /users/sign_in(.:format) devise/sessions#create
destroy_user_session DELETE /users/sign_out(.:format) devise/sessions#destroy
user_password POST /users/password(.:format) devise/passwords#create
new_user_password GET /users/password/new(.:format) devise/passwords#new
edit_user_password GET /users/password/edit(.:format) devise/passwords#edit
PUT /users/password(.:format) devise/passwords#update
cancel_user_registration GET /users/cancel(.:format) registrations#cancel
user_registration POST /users(.:format) registrations#create
new_user_registration GET /users/sign_up(.:format) registrations#new
edit_user_registration GET /users/edit(.:format) registrations#edit
PUT /users(.:format) registrations#update
DELETE /users(.:format) registrations#destroy
user_confirmation POST /users/confirmation(.:format) devise/confirmations#create
new_user_confirmation GET /users/confirmation/new(.:format) devise/confirmations#new
GET /users/confirmation(.:format) devise/confirmations#show
accept_user_invitation GET /users/invitation/accept(.:format) devise/invitations#edit
user_invitation POST /users/invitation(.:format) devise/invitations#create
new_user_invitation GET /users/invitation/new(.:format) devise/invitations#new
PUT /users/invitation(.:format) devise/invitations#update
In my registration controller:
class RegistrationsController < Devise::RegistrationsController
# clear session
def create
super
session[:omniauth] = nil unless #user.new_record?
end
#protected
# after_sign_up_path_for doesn't seem to be called when using Confirmable module
# def after_inactive_sign_up_path_for(resource)
# #me_path
# session[:user_return_to].nil? ? me_path : session[:user_return_to]
# end
private
def build_resource(*args)
super
if session[:omniauth]
#user.apply_omniauth(session[:omniauth])
#user.valid?
end
end
end
Also
class Users::InvitationsController < Devise::InvitationsController
protected
def after_accept_path_for
session[:user_return_to].nil? ? me_path : session[:user_return_to]
end
end
In my application controller, (I left intentionally some commented code I tried to make it work):
def store_location
session[:user_return_to] = request.fullpath
end
# def after_sign_up_path_for
# me_path
# end
#
# def after_inactive_sign_up_path_for(resource)
# me_path
# #session[:user_return_to].nil? ? me_path : session[:user_return_to]
# end
# https://github.com/plataformatec/devise/wiki/How-To:-Redirect-to-a-specific-page-on-successful-sign-up-(registration)
def after_sign_in_path_for(resource)
me_path
#dashboard_path
#session[:user_return_to].nil? ? dashboard_path : session[:user_return_to]
end
Any suggestions?
ADDED DEBUGGIN REDIRECTS
Add this to my application_controller
def redirect_to_with_logging(*args)
logger.debug "Redirect: #{args.inspect} from #{caller[0]}"
redirect_to_without_logging *args
end
alias_method_chain :redirect_to, :logging
After Sign in, works like a charm
Started POST "/users/sign_in" for 127.0.0.1 at 2013-04-25 14:20:04 +0200
Processing by Devise::SessionsController#create as HTML
[... I removed some of the Session creation info ...]
Redirect: ["/dashboard"] from /Users/joel/.rvm/gems/ruby-1.9.2-p290/gems/actionpack-3.2.11/lib/action_controller/metal/responder.rb:135:in `redirect_to'
Redirected to http://localhost:3000/dashboard
Completed 302 Found in 968ms (ActiveRecord: 0.0ms)
DOCS:
After sign in
After sign up
After Accept <====
Override after_accept_path_for in Invitations controllers
class Users::InvitationsController < Devise::InvitationsController
protected
def after_accept_path_for(resource)
me_path
end
end
IMPORTANT:
put this file in 'controllers/users' directory
Fix the routes.rb to use the Users::InvitationsController
devise_for :users, :controllers => { :registrations => 'registrations', :invitations => 'users/invitations' }
You may put redirect_to my_specific_url at the end of sign_up controller's method, to redirect after signing up