I have an admin user in my application and only admin can create and activate users in this application.
When I create a user, devise made a automatic login for this new user. How I can create a user without automatic login?
You have to override Registration Controller (see tutorials like this one )
Then, looking at the original code (can be found here ), you'll have to edit the create part.
Original one :
# POST /resource
def create
build_resource
if resource.save
if resource.active_for_authentication?
set_flash_message :notice, :signed_up if is_navigational_format?
sign_in(resource_name, resource)
respond_with resource, :location => redirect_location(resource_name, resource)
else
set_flash_message :notice, :inactive_signed_up, :reason => resource.inactive_message.to_s if is_navigational_format?
expire_session_data_after_sign_in!
respond_with resource, :location => after_inactive_sign_up_path_for(resource)
end
else
clean_up_passwords(resource)
respond_with_navigational(resource) { render_with_scope :new }
end
end
What you're looking for is deleting this line sign_in(resource_name, resource)
I hope I understood your problem correctly.
I'm not quite sure what you want to achieve:
Simply create a user instance, that can then log in
Create a new user and notify them their account has been created (i.e. "invite them")
In the first case, simply create a User instance with the appropriate information (check which fields you need to complete in the console: they depend on you configuration and the "strategies" you use: confirmable, lockable, etc.)
In the second case, you probably want to check out something like this: https://github.com/scambra/devise_invitable
Presuming User is your model, add a boolean field called is_active to the users table. Then use method active? in the User model:
class User < ActiveRecord::Base
#this method will be used by devise to determine if the user is "active"
def active?
#Allow user to log in if the user is confirmed AND if we are allowing
#the user to login
super and (not self.confirmed_at.nil?) and self.is_active?
end
end
To disable a user from logging in, set the field is_active to false in a before_create filter in User model. Or, set the default value as false in the migration.
Set is_active to true to allow a user to login.
Related
I have a create method in my RegistrationsController, which inherits from Devise::Registrations controller. It is supposed to call Stripe and if the creation of a customer is successful, it saves the user and sends a confirmation email, which is handled by '#create' in Devise. If the call to Stripe fails, it is supposed to set a flash and not save the user or send an email, i.e. suppress the Devise 'create' method. The method works fine if the call to Stripe is successful, but if it is not successful, the user is still saved and the confirmation email is still sent.
class RegistrationsController < Devise::RegistrationsController
def create
super
#user = resource
result = UserSignup.new(#user).sign_up(params[:stripeToken], params[:plan])
if result.successful?
return
else
flash[:error] = result.error_message
# TODO: OVERIDE SUPER METHOD SO THE CONFIRM EMAIL IS
# NOT SENT AND USER IS NOT SAVED / EXIT THE METHOD
end
end
I have tried skip_confirmation!, this just bypasses the need for confirmation. resource.skip_confirmation_notification! also does not work. I have also tried redefining resource.send_confirmation_instructions; nil; end; My thought was to exit the create method altogether in the else block. How can I exit the create method or suppress 'super' in the else block, or would another approach be better? Thanks.
By calling super at the top of your override, the whole registration process will take place, signing up your user, and only then executing your code.
You need to override Devise's registrations_controller.rb create action code by copy and pasting the whole and inserting your call like this:
class RegistrationsController < Devise::RegistrationsController
# POST /resource
def create
build_resource(sign_up_params)
# Here you call Stripe
result = UserSignup.new(#user).sign_up(params[:stripeToken], params[:plan])
if result.successful?
resource.save
else
flash[:error] = result.error_message
end
yield resource if block_given?
if resource.persisted?
if resource.active_for_authentication?
set_flash_message :notice, :signed_up if is_flashing_format?
sign_up(resource_name, resource)
respond_with resource, location: after_sign_up_path_for(resource)
else
set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_flashing_format?
expire_data_after_sign_in!
respond_with resource, location: after_inactive_sign_up_path_for(resource)
end
else
clean_up_passwords resource
set_minimum_password_length
respond_with resource
end
end
end
Notice that resource.save is only called if result.successful?.
I created a custom Registration controller for Devise. I inserted a param in my form that says if it's true I should do some extra stuff after registration, for example, create a related company for the user.
class RegistrationsController < Devise::RegistrationsController
before_filter :authenticate_user!, :only => :token
def new
super
end
def create
super
reg_type = params['reg_type']
if reg_type=='1'
current_user.create_default_company!
end
end
def update
super
end
end
However, my current_user is coming up nil.
undefined method `create_default_company!' for nil:NilClass
What can I use to reference the current_user immediately after super is called, which creates the user.
Params:
Parameters: {"utf8"=>"✓", "authenticity_token"=>"E1urosfkmekwweklo/HZaEVrrmxQVKO9E=", "user"=>{"name"=>"", "email"=>"4#Gmail.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Sign up", "reg_type"=>"1"}
I am passing the parameter, using two links:
new_user_registration_path(reg_type: '0')
new_user_registration_path(reg_type: '1')
The action of the create depends on which link the user chooses.
You can check this reg_type param in after_create callback and then create default company if it is equal to '1'.
If you open devise gem , you will find create method as
(devise-3.2.4)
def create
build_resource(sign_up_params)
if resource.save
yield resource if block_given?
if resource.active_for_authentication?
set_flash_message :notice, :signed_up if is_flashing_format?
sign_up(resource_name, resource)
respond_with resource, location: after_sign_up_path_for(resource)
else
set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_flashing_format?
expire_data_after_sign_in!
respond_with resource, location: after_inactive_sign_up_path_for(resource)
end
else
clean_up_passwords resource
respond_with resource
end
end
you should first check which version of devise you are using then you can override that method in your controller.
In short using resource instead current_user may solve your problem, but it may generate inappropriate result as you will only assigning attributes (not saving) after rendering template.
You should be able to access the new user by passing a block to super:
def create
super do |resource|
if params['reg_type'] == "1"
resource.create_default_company!
end
end
end
This is explained (well, at least mentioned) in the docs under "Configuring controllers".
The new user is accessible via the block parameter resource, although it might not be saved at this point.
Firstly, thank you for all the comments. My solution was to use andrey deineko suggestion with a after_create call back. I added an attr_accessor to reference the permission, which I added to the form as a hidden field.
I used..
class User < ActiveRecord::Base
attr_accessor :reg_type
after_create :create_default_company!, if: :is_reg?
def is_reg?
#reg_type == '1'
end
...
end
It seems to work well. thank you for all the recommendations.
When a user registers for an account in my Rails app, I'm using the default Devise behavior to send them a confirmation email. On the website, after the user fills out the registration form, they are automatically redirected to the login page with an alert notice that they need to confirm their account via email:
"Please confirm your acount via email."
I would like the alert to be more specific, like
"A confirmation email has been sent to <%= confirmation_email%>.
Please click the link in the email to finish the registration
process!"
How can I pass the unconfirmed email address back to the view?
I imagine that when you're creating the user, you're still saving the unconfirmed email address in your database when you create/save the user? If so, you should be able to call it the same way you call other variables in the view. Make sure they are defined in the associated controller and then call them up in the view with something like <%= #user.email %>.
Needed to override devise registrations controller create action with this code:
class RegistrationsController < Devise::RegistrationsController
# POST /resource
def create
build_resource(sign_up_params)
if resource.save
# this block will be used when user is saved in database
if resource.active_for_authentication?
# this block will be used when user is active or not required to be confirmed
set_flash_message :notice, :signed_up if is_navigational_format?
sign_up(resource_name, resource)
respond_with resource, :location => after_sign_up_path_for(resource)
else
# this block will be used when user is required to be confirmed
user_flash_msg if is_navigational_format? #created a custom method to set flash message
expire_session_data_after_sign_in!
respond_with resource, :location => after_inactive_sign_up_path_for(resource)
end
else
# this block is used when validation fails
clean_up_passwords resource
respond_with resource
end
end
private
# set custom flash message for unconfirmed user
def user_flash_msg
if resource.inactive_message == :unconfirmed
#check for inactive_message and pass email variable to devise locals message
set_flash_message :notice, :"signed_up_but_unconfirmed", email: resource.email
else
set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}"
end
end
end
Then pass email variable in devise.en.yml file
en:
devise:
registrations:
signed_up_but_unconfirmed: "A confirmation email has been sent to %{email}. Please click the link in the email to finish the registration process!"
Experimenting with Devise 3.0 for Rails 4 and thinking about integrating into an existing app to replace my own Authentication system.
My own users_controller communicated with an API (Stripe) during registration and I'm not sure how I would include this functionality if I were to use Devise?
Am I suppose to override/extend the Devise Controller in some way? Any help would be much appreciated.
For future googlers: it is possible to call super in an action of inherited controller with block and do whatever you want, without overwriting Devise code:
class Users::RegistrationsController < Devise::RegistrationsController
def create
super do |user|
NotificationMailer.user_created(user).deliver
end
end
end
You can define the actions in the your controller and call super inside it, which will include the functionality of the corresponding devise action. And you can also add your own functionality into it.
Eg: Consider the Registrations controller (Registrations Controller)
Here, you can use the devise's create action code of Registration Controller in you own create action of Registration Controller and add your functionality as commented in the code.
class RegistrationsController < Devise::RegistrationsController
.
.
.
def create
build_resource(sign_up_params)
if resource.save
if resource.active_for_authentication?
set_flash_message :notice, :signed_up if is_navigational_format?
sign_up(resource_name, resource)
# Here the user successfully signs up, so you can use your stripe API calls here.
respond_with resource, :location => after_sign_up_path_for(resource)
else
set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_navigational_format?
expire_session_data_after_sign_in!
respond_with resource, :location => after_inactive_sign_up_path_for(resource)
end
else
clean_up_passwords resource
respond_with resource
end
end
end
I'm having troubles in understanding how devise works when you try to customize its behaviour.
I have two different models to handle: Society and Collaborator, and the registration form has to be in the same view for both of them.
So I have to override the "devise registration controller create method" by writing a new controller which handles both models.
And here comes the pain.
From here "Devise form within a different controller" and here, I know that I have to define those new helpers, to make devise works:
module ContentHelper
def resource_name
:user
end
def resource
#resource ||= User.new
end
def devise_mapping
#devise_mapping ||= Devise.mappings[:user]
end
end
And the create method which I want to override is this:
def create
build_resource
if resource.save
if resource.active_for_authentication?
set_flash_message :notice, :signed_up if is_navigational_format?
sign_in(resource_name, resource)
respond_with resource, :location => after_sign_up_path_for(resource)
else
set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_navigational_format?
expire_session_data_after_sign_in!
respond_with resource, :location => after_inactive_sign_up_path_for(resource)
end
else
clean_up_passwords resource
respond_with resource
end
end
I can't figure out how to make it works without compromising warden functionality. (build_resource). Any suggestion? I can't find any solution with no STI use!
It sounds like you are going to have a complicated model setup that might plague you down the track. If you have two different "user" models that are needed, maybe you can still have a User model and then also have Society and Collaborator models that each "has_one :user". That way on signup you create the user record, and the Society or Collaborator method (whichever was selected). That way devise (and your all your authentication) is just linked to the User model and it stays simple.
In general, if you find yourself fighting against the grain, it's a good idea to re-evaluate what you are doing. Unless you are doing something groundbreaking, there is a good chance things shouldn't be so difficult.
you can define variables in all the views of devise, for example
#type = :society
and
def resource_name
#type
end
then you can use the original controllers and views, and just add it in the AplicationHelper
PD: for User.new, you can use a string in a eval condition, something like
#res = "Society"
then
#resource ||= eval(#res).new