I'm trying to remove/disable the user/sign_up path from Devise. I'm doing this because I don't want random people gaining access to the application. I have it partly working by adding the following in routes.rb
Rails.application.routes.draw do
devise_scope :user do
get "/sign_in" => "devise/sessions#new" # custom path to login/sign_in
get "/sign_up" => "devise/registrations#new", as: "new_user_registration" # custom path to sign_up/registration
end
...
devise_for :users, :skip => :registration
end
However, this breaks <%= link_to "Profile", edit_user_registration_path, class: "btn btn-info btn-flat" %>
which I want to keep so that users can update their profile.
I know it's because of the devise_for :users, :skip => :registration
Is there a solution for this issue?
Running
Devise (4.2.0, 4.1.1, 4.1.0)
Rails 4.2.5
ruby 2.3.0p0 (2015-12-25 revision 53290) [x86_64-linux]
The easiest way is just removing :registerable devise module from the default list defined into your Model (the class name used for the application’s users, usually User).
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
...
end
So you'll have it like this:
class User < ActiveRecord::Base
devise :database_authenticatable,
:recoverable, :rememberable, :trackable, :validatable
...
end
Solution to removing sign_up path from Devise
Enter the following at the beginning of routes.rb
Rails.application.routes.draw do
devise_scope :user do
get "/sign_in" => "devise/sessions#new" # custom path to login/sign_in
get "/sign_up" => "devise/registrations#new", as: "new_user_registration" # custom path to sign_up/registration
end
...After the statement above, add the following below in routes.rb
devise_for :users, :skip => [:registrations]
as :user do
get 'users/edit' => 'devise/registrations#edit', :as => 'edit_user_registration'
put 'users' => 'devise/registrations#update', :as => 'user_registration'
end
This will remove/disable the user/sign_up path for Devise without breaking edit_user_registration_path
Restart your rails server and it should work.
I just had the same issue. My solution is a mix of these answers.
Comment out or remove :registerable in user.rb:
class User < ActiveRecord::Base
devise :database_authenticatable, #:registerable,
:recoverable, :rememberable, :trackable, :validatable
end
Remove the registration paths from devise_for in routes.rb:
devise_for :users, :skip => [:registrations], controllers: {
sessions: 'users/sessions'
}
Now Devise will skip all of the registration links from their view and also you no longer have the registration paths on your routes.
Redirecting from controller
I solved this issue by redirecting /sign_up to /sign_in from the controller, while preserving the functionality of editing user info. For instance:
In controllers/users/registrations_controller.rb
# GET /resource/sign_up
def new
redirect_to new_user_session_path and return
super
end
In routes.rb, I pointed registrations resource to this controller:
devise_for :users, controllers: {
sessions: 'users/sessions',
registrations: 'users/registrations'
}
So whenever users visit route /sign_up, it'll redirect them to /sign_in. Just remember to use and return after the redirection to prevent multiple render/redirect
Since as is just an alias for devise_scope, you can put all that in just one block.
devise_for :users, skip: [:registrations]
as :user do
get "/sign_in" => "devise/sessions#new" # custom path to login/sign_in
get "/sign_up" => "devise/registrations#new", as: "new_user_registration" # custom path to sign_up/registration
get 'users/edit' => 'devise/registrations#edit', :as => 'edit_user_registration'
put 'users' => 'devise/registrations#update', :as => 'user_registration'
end
Below code seem to do the trick for me:
Rails.application.routes.draw do
devise_scope :users do #notice "users" here, not "user"
get "/sign_in" => "devise/sessions#new" # custom path to login/sign_in
get "/sign_up" => "devise/registrations#new", as: "new_user_registration" # custom path to sign_up/registration
end
devise_for :users, :skip => [:registrations]
as :user do
get 'users/edit' => 'devise/registrations#edit', :as => 'edit_user_registration'
put 'users' => 'devise/registrations#update', :as => 'user_registration'
end
...
Related
So I've been trying to set my routes for devise as follows:
scope '(:locale)' do
devise_for :users, skip: [:registrations]
resources :questions
end
However when I authenticate in my controller, when you're not signed in devise redirects you to localhost:3000/users/sign_in.
What I expect to happen would it to redirect me to localhost:3000/en/users/sign_in. What am I doing wrong or what way is there around this?
So it turns out you can't set the routes in your scope, but rather need to set them manually. At least that's what's worked for me.
devise_for :users, skip: [:sessions]
as :user do
get ':locale/login' => 'devise/sessions#new', :as => :new_user_session
post ':locale/login' => 'devise/sessions#create', :as => :user_session
delete ':locale/logout' => 'devise/sessions#destroy', :as => :destroy_user_session
end
# your normal scope without devise_for in it
scope '(:locale)' do
resources :questions
end
After this the redirects work as expected.
I am getting the following error when i go to root after logging in
Could not find devise mapping for path "/".
This may happen for two reasons:
1) You forgot to wrap your route inside the scope block. For example: devise_scope :user do get "/some/route" => "some_devise_controller" end
2) You are testing a Devise controller bypassing the router. If so, you can explicitly tell Devise which mapping to use: #request.env["devise.mapping"] = Devise.mappings[:user]
Routes File
Rails.application.routes.draw do
root 'pages#home'
devise_for :users, controllers: { sessions: "users/sessions", registrations: "users/registrations", confirmations: "users/confirmations", passwords: "users/passwords" }, :skip => [:sessions]
as :user do
get 'sign_in' => 'users/sessions#new', :as => :new_user_session
post 'sign_in' => 'users/sessions#create', :as => :user_session
match 'sign_out' => 'users/sessions#destroy', :as => :destroy_user_session,
:via => Devise.mappings[:user].sign_out_via
end
end
Even though i have a route_path it throws up the error.
Try writing routes in scope block.
devise_scope :user do
# write all your routes inside this block
end
You can find more about scope here
https://github.com/plataformatec/devise/wiki/How-To:-Change-the-default-sign_in-and-sign_out-routes
I am using Rails + Devise + OmniAuth + Google OAuth2.
My user model (user.rb) contains:
devise :registerable, :omniauthable, :omniauth_providers => [:google_oauth2]
My routes.rb look like:
Rails.application.routes.draw do
devise_for :users, controllers: { omniauth_callbacks: 'omniauth_callbacks' }
devise_scope :user do
get 'sign_in', :to => 'devise/sessions#new', :as => :new_user_session
post 'sign_in', :to => 'devise/session#create', :as => :user_session
get 'sign_out', :to => 'devise/sessions#destroy', :as => :destroy_user_session
end
get 'services', to: 'static_pages#services'
get 'my_account', to: 'my_account#index'
get 'invite', to: 'invite#show'
get 'invite/:id', to: 'invite#show'
root 'static_pages#home'
end
When I go to /sign_in, I get an exception like:
undefined method `session_path' for #<#<Class:0x007f9b7173af28>:0x007f9b713d8da8>
in:
~/.rvm/gems/ruby-2.1.1/gems/devise-3.2.4/app/views/devise/sessions/new.html.erb
in line:
<%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
If I add :database_authenticatable to user.rb it all starts working, but I want my users to be able to sign-in through Google OAuth2 only, so I don't want :database_authenticable. It looks like session_path is not available for some reason, but I am not sure why and how to make it available.
Thanks,
Jen
You need to reboot the rails server. That was the solution for me.
I do believe that, as you use devise_scope for the sessions paths, you need to add skip to your devise_for call, like so:
devise_for :users, skip: [:sessions], controllers: { omniauth_callbacks: 'omniauth_callbacks' }
Doing so will not generate the route helpers for the sessions controller
If you add or modify anything in the devise configuration, you need to reboot the rails server. just stop and run the rails server command again
I have just set up my STI structure with a Devise User model. I have two user types (business and lender) and would like them to be sent to separate root paths after signing in. My models look like this:
user.rb
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :token_authenticatable, :confirmable,
# :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
# Setup accessible (or protected) attributes for your model
attr_accessible :email, :password, :password_confirmation, :remember_me, :type
end
lender.rb
Class Lender < User
end
business.rb
Class Business < User
end
My routes file looks like:
Lendingloop::Application.routes.draw do
# User route
devise_for :users, skip: [:registrations]
# Lending routes
devise_for :lenders, skip: :sessions
authenticated :lender do
root :to => "LenderAccount#dashboard", :as => "lender_authenticated_root"
end
#Business routes
devise_for :businesses, skip: :sessions
authenticated :business do
root :to => "BusinessAccount#dashboard", :as => "business_authenticated_root"
end
# Error Routes
get "/404", to: 'errors#not_found'
get "/422", to: 'errors#unacceptable'
get "/500", to: 'errors#internal_error'
# Root route
root :to => 'StaticPages#landing'
end
As you can see I have an authenticated do block which I would like to redirect lenders and businesses to their specific root pages. I have a LenderAccount and BusinessAccount controller setup with dashboard actions in them and corresponding views.
When I log in as a lender or a business, I'm redirected to my root_path which is 'StaticPages#landing'. That should only be for non-logged in users.
Update
I went through the devise documentation and added the following to my application_controller.rb file:
def after_sign_in_path_for(user)
if user.type == "Business"
business_authenticated_root_path
elsif user.type == "Lender"
lender_authenticated_root_path
else
root_path
end
end
I am also seeing a strange error in my console when I attempt to go to the dashboard page directly from lender_authenticated_root_path:
Rendered /Users/questifer/.rvm/gems/ruby-1.9.2-p320#rails3tutorial/gems/actionpack-3.2.13/lib/action_dispatch/middleware/templates/rescues/routing_error.erb within rescues/layout (0.7ms)
[2014-04-22 12:31:31] ERROR Errno::ECONNRESET: Connection reset by peer
/Users/bvlaar/.rvm/rubies/ruby-1.9.2-p320/lib/ruby/1.9.1/webrick/httpserver.rb:56:in `eof?'
/Users/bvlaar/.rvm/rubies/ruby-1.9.2-p320/lib/ruby/1.9.1/webrick/httpserver.rb:56:in `run'
/Users/bvlaar/.rvm/rubies/ruby-1.9.2-p320/lib/ruby/1.9.1/webrick/server.rb:183:in `block in start_thread'
Does anyone have an idea as to how I can get these authenticated blocks to handle the proper root redirects?
I got the roots working by changing my routes.rb file to:
routes.rb
root :to => 'business_account#dashboard', :constraints => lambda { |request| request.env['warden'].user.class.name == 'Business' }, :as => "business_root"
root :to => 'lender_account#dashboard', :constraints => lambda { |request| request.env['warden'].user.class.name == 'Lender' }, :as => "lender_root"
Now my two user types can login to their accounts and be directed to their respective controllers and dashboards.
I think I can help. I had a similar problem. In my routes.rb file I created a "home" screen for non-logged in users.
Rails.application.routes.draw do
root "home#index"
devise_for :users
resources :home
resources :dashboard
The home_controller.rb looks like this:
class HomeController < ApplicationController
def index
if user_signed_in?
redirect_to :controller=>'dashboard', :action =>'index'
end
end
end
dashboard_controller.rb looks like this, and is only for logged in users:
class DashboardController < ApplicationController
before_filter :authenticate_user!
def index
end
end
The views for each (home.html.erb & dashboard.html.erb) can then reflect content for visitors or logged in users.
I used this tutorial to sort it out. I don't know if it's overkill or not, this is my first application, but ti seems to be what you are asking for.
http://www.tonylea.com/2012/rails-authentication-with-devise/
Hope that helps.
I am using Rails 4.0.2 and Devise 3.2.2 to handle user registration / authentication.
I have googled and search stackoverflow for answers, can't really find something that can answer my question.
The below code is my routes.rb, I have skip all sessions routes and registration routes but for some reason, Devise is not using my custom registrations_controller.rb because if it is, it should redirect to /pages/success (please see below my registrations_controller.rb )
routes.rb
App::Application.routes.draw do
resources :posts
resources :questions
get "users/:id", to: "users#show"
devise_for :users, :controllers => {:registrations => "registrations"}, :skip => [:sessions, :registrations]
as :user do
get 'login' => 'devise/sessions#new', :as => :new_user_session
post 'login' => 'devise/sessions#create', :as => :user_session
delete 'signout' => 'devise/sessions#destroy', :as => :destroy_user_session
end
as :user do
get '/' => 'devise/registrations#new', :as => :new_user_registration
post 'register' => 'devise/registrations#create', :as => :user_registration
end
get "registrations/update"
get "pages/home"
get "pages/privacy"
get "pages/terms"
get "pages/success"
end
registrations_controller.rb
class RegistrationsController < Devise::RegistrationsController
protected
def after_inactive_sign_up_path_for(resource)
'/pages/success'
end
end
There are several potential issues you may have:
Skip
If you're skipping the registrations functionality, I'd imagine it would prevent Devise from calling your RegistrationsController?
I would personally do this (correct your routes):
#config/routes.rb
root to: "users#index" (where ever your "logged-in" page is)
devise_for :users, path: "", controllers: { sessions: "sessions", registrations: "registrations" }, path_names: { sign_in: 'login', password: 'forgot', confirmation: 'confirm', unlock: 'unblock', sign_up: 'register', sign_out: 'signout'}
This will give you the routes you need, and will route to the "authenticated" index page in your app, thus either showing the login or registration page for Devise
Definition
The other issue you may have is an incorrect definition of your Devise Registrations controller. We use this code in a very recent development app:
#app/controllers/registrations_controller.rb
class RegistrationsController < ::Devise::RegistrationsController
end
Perhaps you could try using the :: before your Devise::RegistrationsController to see if it calls?