We are using Rails 4.2.1 and the latest version of Devise (3.4.1) although I believe the same error occurs with other versions.
Ever since we added scope to routes.rb:
scope '/admin' do
root to: "places#index"
devise_for :users, controllers: { registrations: "users/registrations" }
...
Devise fails to sign in or sign out with the following error:
ActionController::InvalidAuthenticityToken at /admin/users/sign_out.
Everything works perfectly fine as long as we remove the scope.
We tried using custom routes with devise but nothing helped.
registrations_controller.rb
class Users::RegistrationsController < Devise::RegistrationsController
before_action :configure_permitted_parameters
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up).push(:first_name, :last_name, :organization)
end
end
You should try to define your scope for devise as following:
devise_for :users
devise_scope :user do
scope '/admin' do
get "/your_route" ...
end
end
And for the rest of the routes apply "/admin" scope separately.
Related
I have used devise numerous times but currently facing an issue at the moment.
I used this devise wiki to set up devise with multiple user models which i have done multiple times. https://github.com/heartcombo/devise/wiki/How-to-Setup-Multiple-Devise-User-Models
In my admins_controller.rb i have the following code
class AdminsController < ApplicationController
before_action :authenticate_admin!
end
My routes.rb
Rails.application.routes.draw do
devise_for :admins, path: 'admins', controllers: {sessions: "admins/sessions", registrations: "admins/registrations"}
namespace :admins do
root "dashboards#index"
end
end
Everything else works well but after i try to sign in as an admin, it should redirect to my admins root but i always get this error
You need to sign in or sign up before continuing.
But when i do admin_signed_in? or current_admin. I get true and my admin record accordingly. Which means the admin is already signed in.
When i comment the before_action code, then it works perfectly.
Currently stuck and cannot think of why and how to solve this issue.
I know this question was asked several times. I tried them but none of them solved my problem. I used devise for users. I want to redirect the user to a different page on sign up rather than signing in directly. I created registration controller, and tried overriding "after_inactive_sign_up_path_for" but it didn't work out. I 'm using devise confirmable also. So until the user is verified I should redirect him to other page.
registrations_controller.rb
class Users::RegistrationsController < Devise::RegistrationsController
protected
def after_inactive_sign_up_path_for(resource)
"http://www.google.com" # Or :prefix_to_your_route
end
end
routes.rb
devise_for :users, controllers: { registrations: "registrations" }
Next I tried to move the registrations into a different folder in the controllers folder. But that too didn't work out.
FYI: I'm using rails 5 and devise 4.2.1.
Your controller should be in the path app/controllers/users/registrations_controllers.rb.
Then your routes should be
devise_for :users, controllers: { registrations: "users/registrations" }
I have ActiveAdmin and Devise working with Users. I would like to use Devise to log in regular non-admin users with the same User model. How can I do this? (I want to have an admin flag in the User model for only admins.) I tried adding the 2nd line to routes.rb
devise_for :users, ActiveAdmin::Devise.config
devise_for :users
But it gave an error when I tried to list the routes
>rake routes
DL is deprecated, please use Fiddle
rake aborted!
ArgumentError: Invalid route name, already in use: 'new_user_session'
You may have defined two routes with the same name using the `:as` option, or you may be overriding a route already defined by a resource with the same naming. For the latter, you can restrict the routes created with `resources` as explained here:
http://guides.rubyonrails.org/routing.html#restricting-the-routes-created
I've created an authorization adapter which just checks user.admin == true and that is working OK for ActiveAdmin. https://github.com/activeadmin/activeadmin/blob/master/docs/13-authorization-adapter.md
I found this http://dan.doezema.com/2012/02/how-to-implement-a-single-user-model-with-rails-activeadmin-and-devise/
But I ended up doing this
Devise 3.4.1
ActiveAdmin 1.0.0.pre1
Rails 4.2.1
routes.rb
devise_for :admin_users, {class_name: 'User'}.merge(ActiveAdmin::Devise.config)
ActiveAdmin.routes(self)
devise_for :users
resources :users
application_controller.rb
def access_denied(exception)
redirect_to root_path, alert: exception.message
end
config/initializers/active_admin.rb
config.authorization_adapter = ActiveAdminAdapter
config.on_unauthorized_access = :access_denied
(And changing all methods from _user to admin_user.)
app/models/active_admin_adapter.rb
class ActiveAdminAdapter < ActiveAdmin::AuthorizationAdapter
def authorized?(action, subject = nil)
user.admin == true
end
end
And
rails generate migration add_admin_to_users admin:boolean
I have started on a web application for user registration etc. using devise gem. I am novice to Ruby/Rails env. So this is part of my training.
My question is very similar to an old posting # devise overriding registrations controller - uninitialized constant Users::RegistrationsController
After the homepage displays, when I click on signup button, I get this error. I have done some research on this issue on the web to no avail.
In app/controllers/users/registrations_controllers.rb I have this code:
class Users::RegistrationsController < Device::RegistrationsController
def create
super do |resource|
if params[:plan]
resource.plan_id = params[:plan]
if resource.plan_id == 2
resource.save_with_payment
else
resource.save
end
end
end
end
end
In Routes.rb I have this line of code:
devise_for :users, :controllers => { :registrations => 'users/registrations' }
Please let me know if you need any other information to help resolve this error.
In routes.rb, try:
devise_for :users,
:skip => [:registrations, :sessions]
as user do
# Registrations
get '/signup' => 'users/registrations#new', as: :new_user_registration
post '/signup' => 'users/registrations#create', as: :user_registration
It should work.
I have a pretty straight forward app with a couple tweaks to Devise.
First I created a Registrations controller that class RegistrationsController < Devise::RegistrationsController inherits from Devise. I created this controller so that I could edit users without re-supplying passwords. https://gist.github.com/1514687
I also did this in my routes:
devise_for :users, :controllers => { :registrations => "registrations" }`
The signup works fine but when I call the following:
<p class="edit"><%= link_to "Edit", edit_user_registration_path(user) %></p>
The url it spits out is (running on localhost): http://localhost:3000/users/edit.2
Any ideas here?
I recommend a non-devise controller for doing this, and name it something other that "users" for the sake of not overlapping with devise routes
some key nomenclature:
rails g controller accounts
resources :accounts
def edit
#user = User.find(params[:id]
end
(other controller actions similar, just refer to #user and don't worry about that this happens to be called the accounts controller)
In your routes.rb file make sure that you have
resources :users
after your devise_for line like below:
devise_for :users, :controllers => { :registrations => "registrations" }
resources :users