I have a problem with the devise gem, I have this controller.
class AdminController < ApplicationController
before_action :authenticate_user!
def index
end
def per
end
def po
end
end
When redirect to sign_in form , shows nothing
sign_in form
These are my routes:
match 'po' => 'admin#po', :via => :get
match 'per' => 'admin#per', :via => :get
match 'admin' => 'admin#index', :via => :get
match 'admin/index' => 'admin#index', :via => :get
match 'admin/per' => 'admin#per', :via => :get
match 'admin/po' => 'admin#po', :via => :get
devise_for :users, :controllers => { :omniauth_callbacks => "callbacks" }
root 'home#index'
I have three templates: application, admin and home
I overwrite the default route after log in
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
#before_action :authenticate_user!
def after_sign_in_path_for(resource)
#request.env['omniauth.origin'] || stored_location_for(resource) || admin_path
admin_path
end
end
My last gem installed:
gem 'bootstrap-sass'
You need to run the generator for Devise views which will copy the necessary files in your views folder:
Run:
rails g devise:views
There is more information on configuring the Devise views here
Your problem probably isn't with Devise, it looks systemic to me.
#config/routes.rb
namespace :admin do
root "application#index" #->
resources :model_controller, path: "", only: :index do #-> url.com/admin/...
collection do
get :po #-> you shouldn't really have this
get :per #-> you shouldn't really have this
end
end
end
devise_for :users, :controllers => { :omniauth_callbacks => "callbacks" }
This will give you the following:
#app/controllers/admin/application_controller.rb
class Admin::ApplicationController < ApplicationController
before_action :authenticate_user!
def index
# do something here
end
end
This gives you the ability to create a custom "dashboard" type page for your admin area, from which you'll be able to use controllers bound to models.
Your po and per actions really shouldn't be there - they are not part of the CRUD system
In regards to your Devise views, the other answers are correct in that you would be best to generate the Devise views in your app:
rails generate devise:views
This won't solve your problem (hence why I downvoted the other answers). It will simply put the views in your app. It will do nothing apart from put code in a different place.
You will need to debug the issue:
Check the action you're seeing at /users/sign_in
Check the code in the <body> tags (which you haven't shown)
If the HTML is there, there will be some other issue preventing it from loading
If there is no HTML, it will likely mean a problem with the core of Devise
What I would recommend you do is the following:
Generate your views
From your screenshot, show us the contents of the <body> tag
Screenshot your console log (this will show any errors)
Update your question with the above
This will give you a much clearer perspective on what the potential issue will be, and allow other community members to better define the solution.
Related
Good evening how could I cancel or delete these 2 routes, I also want to know how I can redirect to another site if I am not logged in
enter image description here
You can remove the routes by using skip, then specify the routes you still use. something like this:
devise_for :users, :skip => [:sessions] do
delete "/logout" => "devise/sessions#destroy", :as => :destroy_user_session
post "/admin" => "devise/sessions#create", :as => :user_session
end
Devise already have a feature for auto redirect. Go to application_controller.rb and add this before_action :authenticate_user!
I'm not 100% sure this works now that we've disabled the default session paths. The alternative is to create our own method to override it in application_controller.rb
Something like this:
protected
def authenticate_user!
if user_signed_in?
super
else
redirect_to login_path
end
end
I have a Rails app that acts as a backend for an iOS app. It was developed by a third party, and I've never used Rails, so trying to learn as I go here. I want to make the app web-accessible for users, with a homepage front-end for giving prospective users some info about the app.
Sounds easy enough, but the app is using Devise for user authentication and when I hit the site root I get the following error message:
You need to sign in or sign up before continuing.
In the routes.rb file I have the following:
root :to => "visitors#index"
devise_for :users
resources :users
In my visitors controller I added a before_filter to try to open up the site index:
class VisitorsController < ApplicationController
before_filter :authenticate_user!, :except => [:index]
end
but this made no difference. Is there something obvious I'm missing here, or some concept that I'm not grasping? Basically I want a user to hit the site homepage, then click on a 'Login' link, after which they'll have access to the rest of the site.
EDIT:
My ApplicationController:
class ApplicationController < ActionController::Base
respond_to :html, :json
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :null_session, :if => Proc.new { |c| c.request.format == 'application/json'}
before_action :configure_permitted_parameters, if: :devise_controller?
acts_as_token_authentication_handler_for User
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :name
devise_parameter_sanitizer.for(:account_update) << :name
end
end
From Devise's how to guide which seems to describe your example. You can create two roots in your routes.rb file. One for authenticated user's and one for non-authenticated users:
authenticated :user do
root :to => 'visitors#some_action', :as => :authenticated_root
end
root :to => 'visitors#index'
However, please post your ApplicationController because your example code should work, the issue may be there.
In case anyone else has the same problem - the culprit was the following line in application_controller.rb:
acts_as_token_authentication_handler_for User
It's part of the simple_token_authentication Gem (https://github.com/gonzalo-bulnes/simple_token_authentication)
To fix enable anonymous access to the root page, I changed it to the following:
acts_as_token_authentication_handler_for User, :except => [:index]
I am new in Ruby On Rails. I am making an application using devise gem. My requirement is after logged in successfully I should redirect to devise controller again.
I have created devise controller as 'Users'
I have created one more controller home_controller.rb for redirecting
under home controller I have coded this.
def index
if user_signed_in?
redirect_to :controller => 'users', :action =>add
end
end
I have written add method under users_controller.rb
And under routes.rb I have coded this
devise_for :users, controllers:{sessions: "users/sessions"}
root :to => 'home#index'
match 'users/:action' => 'users#add', :as => :add
But its not redirecting. What should I do. any help. Thanks
Try this:-
resources :users do
member do
get "add"
end
end
If I understand correctly, you'll want to use the Devise redirect helpers:
#app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
def after_sign_in_path_for(resource)
user_add_path
end
end
I don't understand is this:
I should redirect to devise controller again
Devise controllers are split into SessionsController, RegistrationsController, PasswordsController, ConfirmationsController & UnlocksController.
Which one would you like to redirect to?
My hunch, and this is strengthened after reading your comments, is you want to redirect to the UsersController, like this:
#config/routes.rb
resources :users, only: :show do
get :add
end
#app/controllers/users_controller.rb
class UsersController < ApplicationController
def add
//declarations here
end
def show
//declarations here
end
end
This should help you
I am having issues with devise current_user confusing my model's :id as the users :id.
routes:
match "/causes/:id/:slug" => "causes#show", :as => :cause, :via => 'get'
match "/causes/:id/:slug/edit" => "causes#edit", :as => :edit_cause, :via => 'get'
match "/causes/:id/:slug" => "causes#update", :via => 'put'
resources :causes, :only => [:index, :new, :create]
in my :causes controller:
before_filter :check_privileges, only: [:new, :create, :edit, :new, :update]
def check_privileges
#when I use this code everyone can access edit, etc.
redirect_to root_path unless current_user
end
and in my :causes model
belongs_to :user
For some reason, when I use current_user at all, in this controller, it always thinks that current_user is equal to the id in /causes/:id/:slug/
I have tried putting the check privileges code in the application controller,
I have even tried assigning code like this:
def check_privileges
#when I use this code no one can access edit, etc
#user = User.find_by_id(params[:id])
redirect_to root_path unless #user
end
I need help, anyone have suggestions? All I want it to do is verify the user is the current user so not everyone can edit the cause.
Your post is a bit confusing. IIRC devise stores the current user id in the session and does not ever get it from the url.
Seeing that this is a problem associated with privileges and rolling out your own solution. I would highly recommend an alternative.
https://github.com/ryanb/cancan
This works great with devise and should solve your problems
Using Rails 3.0.7, I'm creating an API for our app, and I have this setup:
routes.rb
namespace :api do
namespace :v1 do
match "connect" => "users#login", :via => :post
match "disconnect" => "users#logout", :via => :post
resources :users
match "users/:id/foos" => "foos#list", :via => :get
match "users/:id" => "users#update", :via => :put
match "foos/:id/bars" => "bars#list_by_foo", :via => :get
match "foos/:id" => "foos#show", :via => :get, :constraints => { :id => /\d+/ }
match "bars/:id" => "bars#show", :via => :get
end
end
# other routes here e.g.
match "users/find" => "users#find_by_name", :via => :get
match "users" => "users#create", :via => :post
And then I have my regular app/controllers/application_controller.rb and app/controllers/users_controller.rb files as well as my app/controllers/api/v1/application_controller.rb and app/controllers/api/v1/users_controller.rb files that are defined like the following:
class Api::V1::ApplicationController < ApplicationController
before_filter :verify_access
def verify_access
# some code here
end
end
class Api::V1::UsersController < Api::V1::ApplicationController
skip_before_filter, :except => [:show, :update, :delete]
end
And before everything seemed to be working right until I overrode a method that is shared by both UsersController and Api::V1::UsersController -- and now it seems like everything is pointing to UsersController even though I'm accessing through the api/v1/users route.
I'm at my wit's end trying to figure it out. Any suggestions? Thanks. PS - feel free to comment with whatever conventions I'm ignoring that I shouldn't be or other things I might have messed up :)
skip_before_filter also general takes a symbol parameter for the before filter than you wish to skip. Controller names should not have to be unique as long as the proper scoping/namespacing is applied.
example
api/users_controller
admin/users_controller
users_controller
then the code per controller
class Api::V1::UsersController < Api::V1::BaseController
end
class Admin:UsersController < Admin::BaseController
end
class UsersController < ApplicationController
end
Then the routes
MyApp::Application.routes.draw do
scope :module => "api" do
namespace :v1 do
resources :users
end
end
namespace :admin do
resources :users
end
resources :users
end
Rails is a bit confusing, but I had a similar problem. Here's some steps you can take to make sure you're not missing any small code issues. (this eventually led me to discover a syntax bug in the namespaced controller).
run bundle exec rake routes to generate a list of what route links to what controller and action. If this is good, then move to step 2. If not, fix your routes file and try again. (many good tutorials on this, so I won't go into detail)
Go into the rails console, and just load the controller class. If it doesn't work, you may have discovered a bug in syntax. Here's what happened on console when I tried to load the Api::V2::CampaignsController.
irb> Api::V2::CampaignsController
=> CampaignsController
Note: Rails is directing all requests to the wrong controller (based on Rails' fancy logic to load controller classes). It should goto Api::V2::CampaignsController, but instead it is loading CampaignsController.
You can also verify it in the console with:
> app.get '/api/v2/campaigns.json'
> app.controller.class
=> CampaignsController
# This is not the expected controller.
This ended up being a syntax problem in a class I was extending from the Api::V2::CampaignsController.
It was a bit mind-boggling, but hope this helps someone else.