How can I break up the devise signup form into two steps on two different pages?
Page 1: User enters email, clicks submit.
Page 2: User enters password, clicks submit.
This is a common signup flow and I couldn't find any examples, how-tos or questions about it. It seems worth asking for the benefit of all of us beginner Rails monkeys. Of course I'd like to save the email even if the user neglects to enter a password on the second page.
Really appreciate any advice!
You are going to want to use a multi-stage form with sessions. There is a great Railscast here on the topic http://railscasts.com/episodes/217-multistep-forms Sessions are a way of preserving data about a user from one page to the next without the explicit need for you to set his cookies, recognize them etc. Rails sessions take care of all of the recognition.
Related
I have a Ruby on Rails app, version 7, with the Devise and Devise Invitable gem installed.
I am currently trying to figure out a way to create two different routes depending on the type of user. User 1 is a basic user who needs one kind of landing page, and User 2 is a special user, who should go to another landing page. Both Users belong to the same model.
Scenario 1:
User 1 is a basic user. We invite User 1 through an email, and this link leads to a landing page with e.g. "Welcome to basic features, please provide your login information"
Scenario 2:
User 2 is a special user. We invite User by generating a URL and then sending it to them manually. The link goes to another landing page with e.g: "Welcome to special features, please provide your login information".
I can't see any way of doing this in the documentation, nor has Googling yielded any results.
I found a way to "cheat" by adding a query parameter to the URL generation. I might go down that path, and decide what to render based on this parameter.
But I was curious if there is a more idiomatic way of doing this.
In all of my Rails applications I have a User model with name, email and password attributes (among others).
This seems to be the standard approach when building Rails apps.
The more Rails apps I build, the more I begin to wonder why the User.name is even necessary.
Wouldn't it be easier to just omit the user name everywhere right from the start?
From a user perspective, the sign up process will become easier. Instead of filling in four fields (username, email, password, and password confirmation), the user will have to fill in only three.
According to some usability experts this might increase the number of sign ups.
In addition to that, users will also have to remember less data, i.e. only their email address (which most people have memorized anyway).
So what might be negative implications of this approach?
I couldn't think of any so far.
You might need to make emails from your app personalized, maybe with greetings such as `Dear <%= username %>.
This doesn't mean you have to put name as one of the sign-up fields. You can put in the update form only, when the user edits their profile. Then you can make the edit_user_registration_path the after_sign_up_path_for devise.
I don't think using username is "standart" approach with rails apps. In fact, devise's vanilla approach is using only email on models.
However, being able to accept username or email has many other advantages. You may have other scenarios where users do not register at all. I mean, perhaps you are also creating accounts for users without any registration and you don't know their emails, if so using email will not be an option.
In some applications, we use more then 3 authentication strategies. Some users do not have a username or email at all..
In short, i think it really depends on your scenarios. But i am sure that using both email and username is not a rails convention.
If the main goal is a frictionless signup process then an OAUTH strategy would be the best way to go (4 fields of info down to two clicks), however you may want to collect the user info at a later time for a more personalized feel depending on what info you can capture from the callback.
We are using Devise gem on our app and wondering how we could add a Contract acceptance in the process of the gem.
As Devise doesn't do that we thought of 2 solutions, one clean and one a bit dirty.
When user signs in, he is temporarly redirected to EULA page (using #resource from Devise). If accepts, sign in is successful and user enters the app, if rejected, the user is stuck on log in page.
When user signs in, he enters into the app and has a EULA page that he should accept. We then pass a flag to "yes" or "no" depending if he accepts or not. If not, he is redirected to sign in page.
The second solution is the easiest one but I feel it a bit unsecure (and perhaps server loads useless?).
The first one would be better, but we can't find any doc, tips to help us doing this and we are stuck in it.
Does anyone have developped similar thing? What's the best practice?
Thanks!
i think your second option is cleaner: create a bool field in your users table and check that (at login or in every request -> before_filter) and redirect if not set. that way, if you change your eula and the user has to re-accept it, you can clear all the bool flags in your users table to force your users to accept the new version.
I'm trying to build the backend for a subscription-only area for a website.
When the customer first pays for the subscription, he is going to be registered automatically by a callback from an external app confirming the user has paid.
I want to create the user automatically with several blank attributes. Once the user tries to login for the first time, he has to change or update all of these attributes. Then I want to run the validation routine for the attributes.
Assume the user knows his username and first password as he completes the payment.
The authentication is currently being done with Devise, but it is subject to change.
How would you go about implementing this on Rails?
You could use :on => :update after the relevant validations to bypass them on registration. Then, create a before_filter that redirects logged in users to their profile edit page throughout your application if at least one required attribute is missing.
You can just .save(false) on creation to prevent the validation completely
Not as good of a solution for your problem, but for others like me who got here through Google...
http://guides.rubyonrails.org/v2.3.11/activerecord_validations_callbacks.html#skipping-validations
I'm trying to implement a delayed-signup (aka delayed authentication aka gradual engagement) website flow using Devise + Rails.
By gradual engagement, I mean
"Don't make the user sign in until she
absolutely has to, but let her play
around and be remembered on the site"
I'm looking for a simple way to do this using devise. I feel like this is something many others have had to do, but I haven't found documentation on it.
The following approach sounds ok in my head, so I'm going to start with it:
Create users that are only "rememberable"
When certain pages are accessed, require that these users have more
data on them, like a username and
password, via something like
"before_filter :authenticate_user!" in
the appropriate controllers.
Does this approach make sense? Is there a better one? Do you have an implementation of a gradual engagement approach to signup/registration forms using Devise + Rails that you're willing to share?
I think the point of the article you gave us is to say:
only ask for sign up if necessary.
What does this mean?
Let's take an example. You're an e-commerce web site.
When does the customer has to sign up "at last"? During checkout. Never before. So you don't have to store, or remember anything about the user. Devise is never, never used here.
How do you manage the shopping cart of an unsigned in/up user? I'd say database, with session Id as primary key. Or You could store all the items ids in cookie, for later use.
In your code, if you have an action called checkout, just set in your controller a before_filter authenticate_user!, :only => [:checkout]
But maybe you have some constraints, like being able to keep your user's nickname without signing him up for example?
One alternate option is to do email-only signup, then send an email with a special link to finish registration later / bring them back to their account. There's an actively maintained tutorial on devise email-only signup at:
https://github.com/plataformatec/devise/wiki/How-To:-Email-only-sign-up
I've used this tutorial for a site I did a while back where we only asked for their email address to sign up, then later sent emails for them to complete registration / add a password.
You can keep all unsigned user's data in cookies, and transfer them to database once the user logs in, if you need to.