Problem
I have a User model, and the Volunteer model that inherits from the User model:
class User < ActiveRecord::Base
end
class Volunteer < User
end
They are both saved on the same table in the database, but have different controllers / routes.
The routes are:
devise_for :users ....
devise_for :volunteers ....
And this works fine and dandy, but the authorization system that I use depends on a current_user helper. And this fails for volunteers because devise creates current_volunteer for the Volunteer model.
What i have tried is to set devise_for :volunteers, :singular => "user", and this creates a current_user that refers to users and volunteers, but the problem now is that the routes for volunteers are messed up.
Question
So my question is, is there any way to have the current_user helper, refer to another model other than user?
I think this way you allow a user to be signed in as a User and a Voluteer in the same session.
Once you have a way to deal with that could you not just have
# in application_controller.rb
alias_method :devise_current_user, :current_user
def current_user
devise_current_user || current_volunteer
end
in your application_controller.rb
I faced similar problem and solved it like this. But is this solution is specific for cancan gem.
application_controlller.rb
def actual_user
#actual_user ||= current_user.present? ? current_user : current_volunteer
end
def current_ability
#current_ability ||= Ability.new(actual_user)
end
I have accepted viktor tron's answer beacuse it seems the cleanest method.
However, i have resolved my issue in a different way.
I've ended up hardcoding the sign in process for other classes as :user. This gives me access to the current_user method even for the volunteer class.
class Volunteers::SessionsController < Users::SessionsController
def create
resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#new")
if resource
flash[:notice] = "You are logged in"
sign_in(:user, resource)
super
else
super
end
end
end
perhaps a little to late but you can try the following in your routes.rb
devise_for :users , :skip => :registrations
as :user do
match "volunteers/edit(.:format)", :to => "devise/registrations#edit"
end
devise_for :volunteers , :skip => :sessions
The above code assumes that all users and its subclasses (assuming what you are implementing STI to achieve Users model hierarchy) can sign_in and sign_out, but only volunteers can register. Since a volunteer is a user, the user should be able to edit his registration as such. You can add more routes inside the as :user block.
Related
I'm building an authentication using Devise.
Creating users works, but after the creation the user is automatically logged-in and becomes redirected to the root-page.
I have created an own RegistrationController and overwritten the after_sign_up_path method:
class RegistrationsController < Devise::RegistrationsController
def after_sign_up_path_for(resource)
"/users/sign_in"
end
end
But it doesn't work.
What have I done wrong, respectively what have I missed.
I have read various other StackOverflow question already. Until now nothing has worked.
Here's my routes.rb too:
Rails.application.routes.draw do
resources :comments
resources :posts
devise_for :users, controllers: { registrations: "registrations" }
root "posts#index"
end
It seems like after you sign up successfully devise automatically log in and you cannot get login page if you still log in, correct me if I'm wrong
This is the default sign up method that ships with the RegistrationsController
# Signs in a user on sign up. You can overwrite this method in your own
# RegistrationsController.
def sign_up(resource_name, resource)
sign_in(resource_name, resource)
end
You can override it in your code.
Thanks to Nick M's answer I could solve the problem the following way:
First make sure your "routes.rb"-file has a line like here ...
Rails.application.routes.draw do
devise_for :users, :controllers => {:registrations => "registrations"}
...
end
Then create a "registrations_controller.rb"-file and add there this:
class RegistrationsController < Devise::RegistrationsController
protected
def sign_up(resource_name, resource)
sign_out :user
end
end
Doing it that way results in being redirected to the Login-form automatically, after creating a user. Exactly the behaviour I liked to accomplish.
"#sign_out(resource_or_scope = nil) ⇒ Object
Sign out a given user or scope. This helper is useful for signing out a user after deleting accounts. Returns true if there was a logout and false if there is no user logged in on the referred scope
sign_out :user # sign_out(scope)
sign_out #user # sign_out(resource)"
Source
I am using rails3 and gem devise and i have two roles admin and customer and i want after user
sign out admin should redirect to different path and customer should redirect to different path
when sign out..
You can get your desired functionality by using devise method after sign_out path.
but before you define these methods in application helper.
def is_admin?(user)
admin_role = Role.find(:first, :conditions => ["name = ?", "admin"])
return user.roles.include?(admin_role)
end
def is_customer?(user)
admin_role = Role.find(:first, :conditions => ["name = ?", "customer"])
return user.roles.include?(admin_role)
end
After that include application helper in application controller and define this method
def after_sign_out_path_for(resource_or_scope)
if is_admin?(current_user)
home_path = "/admin/users/sign_in"
elsif is_customer?(current_user)
home_path = "/customer"
end
respond_to?(home_path, true) ? send(root_path) : home_path
end
Hope it will work fine !!!
You can override the after_sign_out_path_for(resource) method that devise uses. Just mention the logic or just the desired redirection path after checking the roles of your user in the method. The devise session's destroy action calls the redirection path through this method.
def after_sign_out_path_for(resource)
#logic
end
Hope this is helpful..
The Devise README covers how to set up custom routes and controllers. In short you'll want to customize your routes for each model, e.g.:
devise_for :admins, :controllers => { :sessions => "admins/sessions" }
devise_for :customers, :controllers => { :sessions => "customers/sessions" }
Then create the corresponding controllers and override Devise::SessionsController#destroy, e.g.:
class Admins::SessionsController < Devise::SessionsController
def destroy
super
redirect_to ...
end
end
I really like to authenticate my devise user through 2 different interfaces with a view to have 2 different layout.
For example I would be able to use /users/sign_in and /admin/sign_in based on the same User model.
I had set 2 routes :
devise_for :users
and
devise_for :users, :module => "admin/users", :path => ''
But I'm not sur it's the right way to do that because I need overwrite current_user on my application controller, like this:
def current_user
super || current_admin_user
end
Moreover I have 2 methods : authenticate_user! and authenticate_admin_user!
I'm really confused with this specification, can anybody help ?
I'm not sure if I got your problem, if not, please comment on it :)
There is no need to overwrite current_user. You can create a filter that filters admins like this:
def require_admin_user
unless current_user.admin
flash[:error] = "You need admin privileges to enter this area"
redirect_to root_path
end
end
current_user will return the current_user logged in, whether it is an admin or it isn't an admin. If you want for an user to be able to login in as an admin only if they as an ordinary user, I would suggest another approach: creating another model for admins and filtering for require_user! for the admin sign_in.
Your best bet is to use STA (Single Table Inheritance)… Then you can use 2 devise_for declarations, one for each model.
I have a different controller admin in that i have added a login action.
class AdminController < ApplicationController
def login
#user = User.new
end
end
In view of login.html.erb
<%= form_for(#user, :as => :user, :url => session_path(:user)) do |f| %>
<% end %>
U can now call admin/login path
and successfully got sign up, but if you want to redirect to some other page after sign up instead of root url then
In application controller write inside this method of devise
def after_sign_in_path_for(resource)
end
I have looked all over the place, and found a lot of info... but nothing works for me and I don't get it :(
I know that you are suppose to override the registration controller, like this:
class Users::RegistrationsController < Devise::RegistrationsController
def after_sign_up_path_for(resource)
authors_waiting_path
end
end
Then following the example showed by Tony Amoyal http://www.tonyamoyal.com/2010/07/28/rails-authentication-with-devise-and-cancan-customizing-devise-controllers/, I am supposed to change my routes to update the access the new controller:
devise_for :users, :controllers => { :registrations => "users/registrations" } do
#get '/author/sign_up', :to => 'devise/registrations#new'
#get '/client/sign_up', :to => 'devise/registrations#new'
get '/author/sign_up', :to => 'users/registrations#new'
get '/client/sign_up', :to => 'users/registrations#new'
end
Yes, I have something a bit strange here, because I am catching some specific path to send them to the registration page, this allows me to create effectively 2 registration scenario.
I commented what I had before I had overridden the registration controller.
Even with all this and my authors_waiting_path being a valid path, it just keeps on going to the sign-in page after registration :(
This is really frustrating.
Alex
edit: I also found this on the devise wiki: https://github.com/plataformatec/devise/wiki/How-To:-Redirect-after-registration-(sign-up)
But I have no idea where to define this create method ? should I override the session controller ???
edit 2:
I put a dummy override of the controller:
class Pouets::RegistrationsController < Devise::RegistrationsController
def after_sign_up_path_for(resource)
authors_waiting_path
end
def new
super
end
def create
puts "was here"
super
end
def edit
super
end
def update
super
end
def destroy
super
end
def cancel
super
end
end
And I never the "was here" in my logs.... I really have the feeling that it's totally ignoring the override... I must be doing something wrong :(
Ok... I am able to override it so you should be either :0
Create folder app/controllers/users
put there registrations_controller.rb with: (option with session - but it will try sign_in and later redirect - it may be not intended behavior for you ). Furthermore this is from devise wiki and I am not sure if it works
class Users::RegistrationsController < Devise::RegistrationsController
def create
session["#{resource_name}_return_to"] = complete_path
super
end
end
restart application (just for ensure you don't trust anything)
All in all you must override Create If you want redirect only Users... if you want define some more complex scenario you should monkeypatch sign_in_and_redirect
so your controller will looks like
class Users::RegistrationsController < Devise::RegistrationsController
# POST /resource/sign_up
def create
build_resource
if resource.save
set_flash_message :notice, :signed_up
#sign_in_and_redirect(resource_name, resource)\
#this commented line is responsible for sign in and redirection
#change to something you want..
else
clean_up_passwords(resource)
render_with_scope :new
end
end
end
second option try to monkeypatch helper ....
module Devise
module Controllers
# Those helpers are convenience methods added to ApplicationController.
module Helpers
def sign_in_and_redirect(resource_or_scope, resource=nil, skip=false)
#intended behaviour for signups
end
end
end
end
I have tried the above solution and while it works, reading devise code, I have found that all you actually need in order to sign-out just registered user and redirect is:
to add is_approved or similar to your user table and
to add active_for_authentication? method in your User model
Code:
class User < ActiveRecord::Base
# ... some code
def active_for_authentication?
super && is_approved
end
end
Was a bit hard to find when I needed it, but that is all. I am actually writing it here in case someone else needs it.
I have started using devise for my rails app, however i need to make some changes to the controller logic that devise has, my problem is that i assign users roles, and i want to put in params[:user][:role_ids] ||= [] in the update action so if all the roles are unchecked then it actually works.
whats the best way to do this?
class UsersController < Devise::SessionsController
def create
super
end
def update
#edit here
end
end
and make sure you update your routes.rb file:
devise_for :users, :controllers => { :sessions => 'users/sessions' }