I have a custom mailer (UserMailer.rb) and a few methods to override the default Devise methods for the welcome email and forgot password emails. The mailer uses a custom template to style the emails--and it works great.
In config/initializers, I have a file with
module Devise::Models::Confirmable
# Override Devise's own method. This one is called only on user creation, not on subsequent address modifications.
def send_on_create_confirmation_instructions
UserMailer.welcome_email(self).deliver
end
...
end
(Again, UserMailer is setup and works great for the welcome email and reset password email.)
But what's not working is the option to "Resend confirmation instructions." It sends with the default Devise styling and I want it to use the styling of my mailer layout. I know I can manually add the layout to the default Devise layout, but I'd like to keep DRY in effect and not have to do that.
I've tried overriding the send_confirmation_instructions method found here, but I'm getting a wrong number of arguments (1 for 0) error in create(gem) devise-2.2.3/app/controllers/devise/confirmations_controller.rb at
7 # POST /resource/confirmation
8 def create
9 self.resource = resource_class.send_confirmation_instructions(resource_params)
In my initializer file, I'm able to get to this error by adding a new override for Devise, but I'm probably not doing this correctly:
module Devise::Models::Confirmable::ClassMethods
def send_confirmation_instructions
UserMailer.send_confirmation_instructions(self).deliver
end
end
Any ideas?
You don't have to go through that initializer to do that. I've done this by overriding the confirmations controller. My routes for devise look like:
devise_for :user, :path => '', :path_names => { :sign_in => 'login', :sign_out => 'logout', :sign_up => 'signup'},
:controllers => {
:sessions => "sessions",
:registrations => "registrations",
:confirmations => "confirmations"
}
Then, create the confirmations_controller and extend the Devise::ConfirmationsController to override:
class ConfirmationsController < Devise::ConfirmationsController
In that controller, I have a create method to override the default:
def create
#user = User.where(:email => params[:user][:email]).first
if #user && #user.confirmed_at.nil?
UserMailer.confirmation_instructions(#user).deliver
flash[:notice] = "Set a notice if you want"
redirect_to root_url
else
# ... error messaging or actions here
end
end
Obviously, in UserMailer you can specify the html/text templates that will be used to display the confirmation message. confirmation_token should be a part of the #user model, you can use that to create the URL with the correct token:
<%= link_to 'Confirm your account', confirmation_url(#user, :confirmation_token => #user.confirmation_token) %>
Related
I am using Clearance 1.1.0 gem with Ruby on Rails 4.0.1. I am trying to override the sessions controller to provide my own custom method. I have not been able to successfully get rails to use my controller.
/app/controllers/sessions_controller.rb
class SessionsController < Clearance::SessionsController
private
def flash_failure_after_create
flash.now[:notice] = translate(:bad_email_or_password,
:scope => [:clearance, :controllers, :sessions],
:default => t('flashes.failure_after_create', :new_password_path => new_password_path).html_safe)
end
end
I have tried a few different things inside my routes.rb file, and have been unsuccessful. I want to change the route sign_in.
get '/sign_in' => 'sessions#new', :as => 'sign_in'
Yields the following error.
You may have defined two routes with the same name using the :as
option, or you may be overriding a route already defined by a resource
with the same naming.
Any ideas? Thank you!
Edit: I made a mistake. I actually need sessions#create to use my controller. I'm trying to pass a different variable to the yaml file for the flash when the session login fails.
Edit 2: I the appropriate session#create line to to my routes. In my session controller, I copied and edited for testing the flash_failure_after_create method. It is not being called. So I then copy the create method over. Now, my create method is being called, but not my flash_failure_after_create method. To get it to be called, I had to have the create method copied from gem, and changed status.failure_message to directly call the flash_failure_after_create method. Is this some sort of bug with clearance?
routes.rb
post 'session' => 'sessions#create', :as => nil
sessions_controller.rb
class SessionsController < Clearance::SessionsController
def create
#user = authenticate(params)
sign_in(#user) do |status|
if status.success?
redirect_back_or url_after_create
else
#flash.now.notice = status.failure_message
flash.now.notice = flash_failure_after_create
render :template => 'sessions/new', :status => :unauthorized
end
end
end
private
def flash_failure_after_create
# Changed flash for easy testing
flash.now[:notice] = 'Ballz.'
#flash.now[:notice] = translate(:bad_email_or_password,
# :scope => [:clearance, :controllers, :sessions],
# :default => t('flashes.failure_after_create', :sign_up_path => sign_up_path).html_safe)
end
end
I believe this will work:
get '/sign_in' => 'sessions#new', :as => nil
Rails 4 no longer supports overriding route names, so don't name your override. The mapping is still the same so sign_in_path should still work.
I'm using Devise invitable for invitation. Typically, in the invitation email there will be a link to redirect the invitee to the sign_in page, some url like this
mywebsite.com/users/invitation/accept?invitation_token=J-azZ8fKtkuAyp2VZWQX
This url comes from invitation_instructions.html:
<p><%= link_to 'Accept invitation', accept_invitation_url(#resource, :invitation_token => #token) %></p>
Now I want to return the invitation url in my controller as json response, something like this:
def invite
invitee = User.invite!({:email => email}, current_user)
accept_invitation_url = ....
render :json => accept_invitation_url
end
any idea how to get the accept_invitation_url in the controller? Thanks!
try to include the url helpers module in your controller:
class MyController < ApplicationController
include DeviseInvitable::Controllers::UrlHelpers
def invite
invitee = User.invite!({:email => email}, current_user)
render :json => accept_invitation_url(invitee, :invitation_token => invitee.token)
end
end
The URL Helper module for the Devise Invitable Gem can be found here on github
Ok the raw invitation token is not accessible by default because it's a instance variable without accessor (source), there are two ways you could solve this.
The ugly way, without modifying your model class:
def invite
invitee = User.invite!({:email => email}, current_user)
raw_token = invitee.instance_variable_get(:#raw_invitation_token)
render :json => accept_invitation_url(invitee, :invitation_token => raw_token)
end
The clean way, by adding an attribute reader to your user model class:
# User Model
class User < ActiveRecord::Base
attr_reader :raw_invitation_token
# rest of the code
end
# In your controller
def invite
invitee = User.invite!({:email => email}, current_user)
raw_token = invitee.raw_invitation_token
render :json => accept_invitation_url(invitee, :invitation_token => raw_token)
end
Update (16th October 2015):
It seems like the UrlHelper module has been removed and the invitation is handled as a normal route, so you can remove the include DeviseInvitable::Controllers::UrlHelpers and replace the accept_invitation_url call with:
Rails.application.routes.url_helpers.accept_invitation_url(invitee, :invitation_token => raw_token)
I found out that to use accept_invitation_url outside the standard invitation mailer view you need to include inside the mailer the following helper:
include Devise::Controllers::UrlHelpers
I tried Rails.application.routes.url_helpers.accept_invitation_url(invitee, :invitation_token => raw_token) but it is not working.
I'm trying to make it so only admins can add uses with devise. I've gotten it mostly working however now when I'm logged in as an admin and submit the sign up form it kicks me back with the error: You are already signed in.
I've tried to follow the instructions here: http://wiki.summercode.com/rails_authentication_with_devise_and_cancan but it doesn't seem to mention this situation.
Do I need to do further overriding in the editors_controller to allow this?
Here are my routes ("editors" is the name of my user model):
devise_for :admins, :skip => [:registrations]
as :admin do
get 'admin/editors' => 'editors#index', as: :admin_editors
get 'admin/editors/new' => 'editors#new', as: :new_editor
delete 'admin/editors/:id' => 'editors#destroy', as: :destroy_editor
end
devise_for :editors, :skip => [:registrations], :controllers => { :registrations => "editors" }
and my editors_controller in "app/controllers/"
class EditorsController < Devise::RegistrationsController
before_filter :check_permissions, :only => [:new, :create, :cancel]
skip_before_filter :require_no_authentication
def dashboard
render "editors/dashboard.html.haml"
end
def index
#editors = Editor.all
respond_to do |format|
format.html
end
end
private
def check_permissions
authorize! :create, resource
end
end
EDIT
I noticed this Processing by Devise::RegistrationsController#create as HTML in the logs when I submit the form. I had suspected that perhaps the skip_before_filter :require_no_authentication wasn't being called, but assumed that because the EditorsController was inheriting from RegistrationController that before filter would work properly. Is that not the case?
You'll want to implement your own create method on EditorsController instead of inheriting that action from Devise::RegistrationsController. As you're seeing, the method in Devise::RegistrationsController will first check to see if you're already logged in and kick you back if you are. If you're not logged in it will create a User account and then log you in as that user.
You're trying to get around that problem with skip_before_filter :require_no_authentication, but it's likely that your form is POSTing to /editors instead of /admin/editors. So, you'll need to add a route that allows you to get to create on the EditorsController :
as :admin do
post 'admin/editors' => 'editors#create'
# your other :admin routes here
end
Then you'd want to implement a scaled down version of create. You probably want something kind of like this :
class EditorsController < Devise::RegistrationsController
def create
build_resource(sign_up_params)
if resource.save
redirect_to admin_editors_path
else
clean_up_passwords resource
respond_with resource
end
end
# your other methods here
end
You'll also want to make sure that the admin/editors/new template is pointing the form to the correct route ('admin/editors').
None of the googleable solutions worked when I tried them. This works
What I did was create a new action in the controller and a new route for it, and connect the links on my views that normally connect to create to now call my route and action.
But that wasn't enough. Because Devise is listening and will grab any add you try to do and validate it through it's own code. So instead I just add the new user record with a sql insert.
Add this route
post 'savenew', to: 'users#savenew'
Add this action to the user controller:
def savenew
rawsql = "insert into users (email, created_at,updated_at) values ('#{user_params[:email]}',now(), now())"
sql = rawsql
ActiveRecord::Base.connection.execute(sql)
redirect_to action: 'index''
end
View: new.html.erb
change the form_for so that submit will go to the new route and action, not the default Rails one.
<%= form_for User, :url => {:action => "savenew"} do |f| %>
Using Rails 4.2.6 here (my model is User instead of Editor). The following solution bypasses (I think) any devise actions that may interfere with new User creation by the admin:
Add this action to the Users controller:
def savenew
User.create_new_user(user_params)
redirect_to action: 'index'
end
Add this private method to the Users controller if it does not exist:
private
def user_params
params.require(:user).permit(:email, :password,
:password_confirmation)
end
Add this to config/routes.rb:
match '/savenew', to: 'users#savenew', via: :post
Add this class method to the User model:
def self.create_new_user(params)
#user = User.create!(params)
end
I don't have a separate Admin class in my application. Instead, I defined an admin attribute for Users and check for it with a :validate_admin before_action filter in the UsersController.
I wanted to be able to create a new user from the :index view, so I added a button:
<%= button_to 'New User', '/new_user', class: 'btn btn-primary',
method: :get %>
You might have to tweak the above solution if you have any after_create actions in the User model (e.g. sending a welcome email).
I have this controller.
class SessionsController < Devise::SessionsController
# GET /resource/sign_in
def new
self.resource = build_resource(nil, :unsafe => true)
clean_up_passwords(resource)
respond_with(resource, serialize_options(resource))
end
# POST /resource/sign_in
def create
self.resource = warden.authenticate!(auth_options)
set_flash_message(:notice, :signed_in, :username => resource.username) if is_navigational_format?
sign_in(resource_name, resource)
respond_with resource, :location => after_sign_in_path_for(resource)
end
end
and this step-defenitions for cucumber:
Given /^a user "(.*?)" exists$/ do |user_name|
#user = User.create!(:username => user_name , :password => "tamara")
end
When /^he logs in$/ do
visit("/users/sign_in")
fill_in('Username', :with => "roelof")
fill_in('Password', :with => "tamara")
click_button('Sign in')
end
Then /^he should see "(.*?)"$/ do |message|
page.should have_content(message)
end
Everything works fine only after a successfull login I get redirect to the homepage and not to the login succceed page. So I don't see the flash message.
Roelof
Edit 1 : I checked the controller and resource_name and resource seems to have the right values.
the standard DeviseHelper for after_sign_in_path_for is the signed_in_root_path
# The scope root url to be used when he's signed in. By default, it first
# tries to find a resource_root_path, otherwise it uses the root_path.
You can check your routes and scope , and even debug by duplicating the Devise signed_in_root_path into your ApplicationController with a debugger line
By default, Devise's internal after_sign_in_path_for(resource) method first tries to find a valid {resource}_return_to key in the session, then it fallbacks to {resource}_root_path, otherwise it uses your root path route.
For instance, setting user_root_path would set direct path in the users scope after successful sign in (probably what you want):
# config/routes.rb
...
devise_for :users do
get 'users', :to => 'users#show', :as => :user_root
end
Or even:
# config/routes.rb
...
match 'user_root' => 'users#show'
Another way to override the redirect on successful login by overriding after_sign_in_path_for(resource):
# app/controllers/application_controller.rb
...
def after_sign_in_path_for(resource)
# Put some path, like:
current_user_path
end
Links for you to read:
How to: redirect to a specific page on successful sign in out
Method: Devise::Controllers::Helpers#after_sign_in_path_for
How To: Customize the redirect after a user edits their profile
How To: Change the redirect path after destroying a session i.e. signing out
I have a Ruby On Rails 3.x application using device.
My goal is to add a Yubikey input field to the login screen.
I have generated the views, adjusted the screen (i.e. the extra field shows up) and updated the routes as follows:
devise_for :users, :controllers => { :sessions=>"sessions", :registrations => "registrations" }, :path => "users", :path_names => { :sign_in => "login", :sign_out => "logout", :sign_up => "register" }
Not to forget, I created a session controller:
class SessionsController < Devise::SessionsController
def create
begin
if do_some_other_checks
super
else
build_resource
clean_up_passwords(resource)
flash[:alert] = "Login error"
render :new
end
rescue => e
build_resource
clean_up_passwords(resource)
flash[:alert] = "Login error"
render :new
end
end
end
Unfortunately the code doesn't quite work, it gets called after Devise has the user logged on, i.e. even if the additional check fails, the user still gets logged in.
There is a simple way to do this in your user model by adding in the following, no need to create any devise controllers or change default routes ...
class User < ActiveRecord::Base
# check to see if a user is active or not and deny login if not
def active_for_authentication?
super && do_some_other_checks
end
end