I am using this guide for setting up Devise in Rails:
http://codepany.com/blog/rails-5-user-accounts-with-3-types-of-roles-devise-rails_admin-cancancan/
It says to place this on your home controller to keep Devise from requesting authentication on your home page:
skip_before_action :authenticate_user!, :only => [:index]
My home controller is called dev so my dev_controller.rb looks like this:
class DevController < ApplicationController
def index
skip_before_action :authenticate_user!, :only => [:index]
end
end
Now when I visit my website, I get this error:
undefined method `before_action' for #<MenuController:0xb193b640>
Any ideas on why I get this error?
Please try the below
skip_before_action is should be out side of the index method scope. As before_action or skip_before_action is a class method. Should not call it inside in an instance method(index)
class DevController < ApplicationController
skip_before_action :authenticate_user!, :only => [:index]
def index
end
end
Please refer
As skip_before_action is a Class method, it can't be called from instance method.
It's also known as callback method, here are other methods.
You can update code as,
class DevController < ApplicationController
skip_before_action :authenticate_user!, :only => [:index]
def index
end
end
If skip_before_action seems to be confusing you can use before_action like below
before_action :authenticate_user! , except:[index]
Related
I can check a user and to log out on some condition.
But there always a check on ApplicationController like a below.
before_action :authenticate_user!, :check_should_logout
I don't want to call check_should_logout on every request.
Is there any solution?
You can use only or except options for before_action filters in respective controller classes.
before_action :check_should_logout, only: [:action_1, :action_2]
OR
before_action :check_should_logout, except: [:action_1, :action_2]
before_action :authenticate_user!, :check_should_logout, only: [:action1, :action_2]
or
before_action :authenticate_user!, :check_should_logout, except: [:action1, :action_2]
Instead of providing this in ApplicationController tou should provide this in respective controller.
I have implemented Rails with devise authentication. As part of the process I added a "global" before_action :authenticate_user! in the application_controller that requires that all pages must be authenticated.
# app/controllers/application_controllers.rb
class ApplicationController < ActionController::Base
before_action :authenticate_user!
end
How do I allow some controller#actions to be accessed without requiring the user to log in first.
This is useful when sending out mass emailings, and the email contains the link to a #show action which usually requires authentication.
Put skip_before_action :authenticate_user! inside your controller to allow all actions for that controller.
You can also use the only and except keywords in combination with it to only allow or forbid specific actions.
# skips authentication only for "index" and "show"
skip_before_action :authenticate_user! only: %i[index show]
# requires authentication only for "update" and "destroy"
skip_before_action :authenticate_user! except: %i[update destroy]
In the controller just mention the action that required log in:
before_action :authenticate_user!, :only => [:new, :create, :edit]
For example if you have the action 'send_mail' in the controller you can accessed without log in.
I want to do more than one skip_before_action
tried this below option:
skip_before_action :user_logged_in, :user_is_provider, only: [:impressum, :agb, :help, :privacy]
but the
:user_is_provider
function isn't called yet. The function is in application_controller.rb
Thanks
skip_before_action :user_logged_in
skip_before_action :user_is_provider, only: [:impressum, :agb, :help, :privacy]
I am new to Rails and I need to create a simple Rails project with these conditions:
there must be page with some articles (title + body)
anyone can read those articles
only authenticated users can create/edit/delete those articles
I used scaffold to generate a controller for articles and the gem Devise to create the authentication system. But I dont know how to implement the necessary conditions.
Thanks for the reply.
If your user model is called user, then you would include the following in your controller:
before_filter :authenticate_user!
If it not called user, you would replace the word user in authenticate_user with whatever it is.
You would add this directly under your controller declaration, like so:
class ArticlesController < ApplicationController
before_filter :authenticate_user!
#rest of code
end
If you want to restrict only certain actions in the controller to logged in users, you can use except to exclude some actions. Here, index and show can be seen by anyone:
before_filter :authenticate_user!, :except => [:index, :show]
or only to include specific actions. Here, only authenticated users can do the listed actions:
before_filter :authenticate_user!,
:only => [:new, :edit, :create, :update, :delete]
For some reason, I am getting an error when clicking on a protected part of my page:
Firefox: The page isn't redirecting properly
Here is the method I use in my ApplicationController:
protected
def authorize
unless User.find_by_id(session[:remember_token])
flash[:notice] = "Please Log in"
redirect_to :controller => 'sessions', :action => 'new'
end
end
For some reason, I am not getting access to sessions/new, which is my login page. Any help would be very much appreciated. I checked routes and I have get sessions/new.
As a well educated guess, I'd say you have this:
before_filter :authorize
Which will keep redirecting to itself.
You can fix this either by passing only the ones you want:
before_filter :authorize, :only => [:action_a, :action_b]
Or specify the ones you don't want (probably preferable if you only want to stop your sessions#new action
before_filter :authorize, :except => [:new, :create]
If your before_filter is specified on an inherited controller (e.g. your SessionsController is inheriting the before_filter from ApplicationController) then you can use skip_before_filter
skip_before_filter :authorize, :only => [:new, :create]
I had a similar issue and the main reason this happens is when we are redirecting to itself. make sure you are not applying the before_action / before_filter to Session#new
before_filter :authorize, :except => [:new, :create]