I just set up Devise and things are working properly. However, for some reason, my page is not working together in authentication.
Here is my routes.rb file.
devise_for :users #, path_names: { sign_out: 'sign_out' }
devise_scope :user do
authenticated :user do
root 'home#index'#, as: :authenticated_root
end
unauthenticated do
root 'devise/sessions#new', as: :unauthenticated_root
end
end
get "/dashboard" => "home#index"
When I type in localhost:3000, it redirects me to the devise sign in page that exists on localhost:3000/users/sign_in.
When I type in localhost:3000/dashboard, it takes me to the sign in page as intended but when I enter my credentials, it keeps on bringing me back to the same sign in page over and over again.
Here is my application_controller.rb file.
protect_from_forgery with: :exception
before_filter :authenticate_user!
My intention is to have localhost:3000 redirect me to an authenticated version of localhost:3000/dashboard where I can see everything on that page. Not sure what's happening.
I suggest you to rewrite your code:
Remove before_filter :authenticate_user! as problem with unauthorized users already handled by routes.
Remove devise_scope :user do ... end block - there is a simpler solution (below).
Your routes.rb :
authenticated :user do
root to: redirect('/dashboard'), as: :authenticated_root
end
root to: redirect('/users/sign_in')
get "dashboard" => "home#index"
Related
I am trying to make custom sign_in url for my app. So I created a new route in routes.rb. my code sample is
devise_scope :user do
get 'site-admin/login', to: 'devise/sessions#new'
end
But still'users/sign_in' is also going to login page.How to redirect 'users/sign_in' to 404 page?
According to the devise documentation, all you have to do in your routes.rb is this:
devise_for :users, skip: [:sessions]
as :user do
get 'site-admin/login', to: 'devise/sessions#new', as: :new_user_session
end
Currently, a user gets redirected to a root index page after sign-in/log-in but I want to customize it so that the redirect goes to a different page.
My route file is:
Rails.application.routes.draw do
devise_for :admins, path: 'admins'
root 'home#index'
get '/' => "courses#index", as: :user_root
devise_for :users, path: 'users'
resources :courses, :lessons
end
I understand that by default, the root become where the redirect goes to so I used the code get '/' => "courses#index", as: :user_rootand the redirect worked as I wanted to. However, when a user logs-out, the redirect tries to go to get '/' => "courses#index", as: :user_rootonce again which I do no want. Instead, I want the redirect when a user logs-out to go to root 'home#index'.
So essentially my question is how can I customize my root so I can achieve different redirects depending on whether a user logs-in/signs-in and logs-out?
You can use this:
class ApplicationController < ActionController::Base
private
def after_sign_in_path_for(resource)
user_root_path
end
def after_sign_out_path_for(resource_or_scope)
root_path
end
end
It is on devise wiki:
signing in
signing out
Pretty simple question, but I can't seem to find the answer with a good ole fashioned Google.
The error:
undefined method `user_signed_in?' for #<ActionDispatch::Routing::Mapper:0x007fc6369320e8> (NoMethodError)
Server won't even start.
My code:
Rails.application.routes.draw do
devise_for :users, :path_prefix => 'u'
resources :users
devise_scope :user do
get "login", to: "devise/sessions#new", as: :login
get 'logout', to: 'devise/sessions#destroy', as: :logout
get 'user/edit', to: 'devise/registrations#edit', as: :change_password
end
resources :apps do
resources :elements, controller: 'apps/elements'
end
resources :elements do
resources :features, except: [:index], controller: 'apps/elements/features'
end
if user_signed_in?
root to: 'apps#index'
else
devise_scope :user do
root to: 'devise/sessions#new'
end
end
end
What's the best way to go about making this work? I'm hesitant to try to work around it and make the site vulnerable, being a new RoR user. Thanks in advance.
In Rails access control is done on the controller layer - not on the routing layer.
Routes just define matchers for different sets of params and request urls. They are processed before rails even starts processing the request, they don't know anything about the session. Rails could have even used YML to define routes, except that Ruby is better at DSLs.
If you want to require that the user is signed in you would use:
class SomeController < ApplicationController
before_action :authenticate_user! # a Devise helper method
end
struggling for a few hours on this one now. I have integrated the Devise gem into my Rails project after originally making my own auth system but I am facing an issue I can't understand.
When the user signs in the method:
def after_sign_in_path_for(resource_or_scope)
user = resource_or_scope
user_path(user.username)
end
Is triggered to redirect the user to their profile.
I have an edit user route which takes the user to a page in which they can edit their details and add a 'wanted item'. Two separate forms with two separate controllers and actions.
The 'add wanted item' method posts to a different controller that rendered the view called WantsController and adds a wanted item for the user through an association.
For some reason the after_sign_in_path_for method is called when submitting this form? It has nothing to do with signing in...
Here are my routes:
#users/auth
devise_for :users, :skip => [:sessions, :registrations]
devise_scope :user do
# registration
get "/signup", to: "users#new", as: :sign_up
post "/signup", to: "users#create", as: :sign_up_create
# account
get "/:username/account", to: "users#edit", as: :user_account
put "/users/:id", to: "users#update", as: :user_update
# shows
get "/:username", to: "users#show", as: :user
get "/:username/interests", to: "users#interests", as: :user_interests
get "/:username/offers", to: "users#offers", as: :user_offers
get "/:username/trades", to: "users#trades", as: :user_trades
# auth
post "/signin" => 'devise/sessions#create', as: :sign_in
delete "/signout", to: "devise/sessions#destroy", as: :sign_out
#wants
resources :wants, only: [:create, :destroy]
end
If I place the wants resource outside of the devise scope (which is where I expect it should go) I receive the following:
Could not find devise mapping for path "/wants"
What's happening here? Stumped!
Thanks.
Argh, silly mistake. Why is it after hours of struggling that when you post a question on Stack Overflow you figure it out after like 5 minutes?!
I had copied and pasted my RegistrationsController into the WantsController file to save typing the controller code but forgot to make it inherit from ApplicationController rather than Devise::RegistrationsController.
Lesson: Don't copy and paste!
I am trying to configure my rails server so that http://localhost:3000/ redirects to http://localhost:3000/admin_users/sign_in . This is the Devise login view for my AdminUser model.
I have tried the following in my routes file without success:
devise_for :admin_users
root :to => "devise/sessions#new"
The following presents the login form but fails when I try to login due to too many redirects:
devise_for :admin_users do
root :to => "devise/sessions#new"
end
Any guidance would be appreciated!
it has nothing to do with routing
add this line to your applications controller
before_filter :authenticate_user!
your application will ask for login before allowing user to visit any page
to skip authentication on any action just put this, just put this line in that action's controller
skip_before_filter :authenticate_user!, :only => [:some_action]
you need to define the root route of your application so that after authentication a user can be redirected there eg:-
root to: 'users#index'