I have a requirement where the user creates an account through form with name and email. I need to send him an activation link once he clicks on it he must be able to choose a password. I am using authlogic please let me know the best way of achieving it.
Authlogic has very comprehensive guide; you can almost copy and paste everything:
https://github.com/binarylogic/authlogic
Related
I've been asked to implement 2FA with email codes, like you get from Steam (and many banks), after you haven't logged in for awhile. I initially thought this would have been a flag I could turn on in the Devise config, but I can't find ANY place on the internet that talks about something like this. The desired process would be to generate and email a one-time pad to enter into a confirmation screen. Every reference I've found to 2FA with Devise refers to using things like SMS or an authenticator app.
Working within the framework of Devise, it seems like this might possibly boil down to unconfirming the user every so often, maybe like every other day. That way, the next time they log in, they get another email with a new link to "re-"confirm the login. The best I can find is Warden::Manager.after_authentication to set user.confirmed_at = nil, but this doesn't seem to be doing what I want.
Thanks to a friendly person on Github, I was directed to the Devise plugin, https://github.com/Houdini/two_factor_authentication, which does exactly what I wanted. I knew someone had to have already written it!
I am trying to customise the confirmation email in order to pass an extra variable than the resource and confirmation token.
In particular what I want is to get the existing (soon to be overridden) email of the user passed into the confirmation email so that when the user clicks on the confirmation link, the page he goes to will have the user's old email in the parameters.
I'm not sure where I will need to make this change exactly (maybe mailer view or devise mailer?) and also what is the best way to override this in my rails app without touching the devise gem at all?
Or maybe there is even a better way I can get the user's old email after he confirms on the link but, as far as I'm aware, once that happens the old email is gone for good.
Use rails generate devise:views.
This will generate all the views that Devise uses internally so you can make your modifications.
NOTE
This will generate erb templates. If you wish to use haml or anything else. Here is a tutorial on how you can go about this process.
I want to let new users signup and browse my site without having to confirm their email addresses, until they try to do anything meaningful like create a new project, upload a video or leave a comment.
Does Devise have any hooks for doing this sort of thing?
Try to do it in combination of postponing email confirmation via allow_unconfirmed_access_for and confirmed? for specific actions, like described in similar question1 and question2.
BTW, starting from Devise 2.2.4 allow_unconfirmed_access_for accepts nil for unlimited access without confirmation.
I've implemented the ability to auto generate user passwords using Devise. Now when the user logs in to the system, I would like to force the user to reset the password. It seems like there is no such functionality built into Devise (please correct me if I am wrong). I can think of several ways to achieve this, but I'm sure there is a standard way of doing this.
Any tips would be appreciated.
Thanks.
Devise handles a password controller with associated views to change a user password. In application controller you can override some devise methods like after_sign_up_path , after_sign_in_path, after_confirmation_path etc with new_password_route which I remember is the router helper to change de password, not sure though. I will think that you are sending a mail with the generated password and a confirmation link. If not, what you are doing is kind of pointless. Generating a password so then the user has to change it is not right regarding UX. Just prompt the user with the desire pass at the beginning.
Good luck
What I’d like to achieve is a typical use case: a user enters his email address into a form. After sending the form to my application an email with a random generated link should be sent out to the user which he has to click to confirm his email address. After clicking the link the address should be marked as valid in my application.
My main questions are:
What is the best way to generate such random links?
What is the best way to map the click on such a random link to the address in my database?
Thanks :-).
It's also provided out of the box in Devise: https://github.com/plataformatec/devise
See confirmable option.
Use AuthLogic. It does all this for you.
Like #apneadiving and #Brian pointed out you have that feature in Devise and AuthLogic, but in case you need to roll out your what better way than to learn from them:
Set up a confirmations route
Set up a confirmations model
Set up a confirmations controller
The logic is to generate a random token (md5, sha1, whatever..) store it and send it.
When your confirmations controller is called you accept the confirmation for the token passed as param.