please !
I'm taking first steps in Ruby on Rails and I have a problem for to implements authentication with Devise. In short , this is scenario:
I want that the users can register a new user only inside the aplication, in other words, only after to authenticate. So I used the line of code above,
authenticate_user!(force:true) for to protect the route of register.
class Users::RegistrationsController < Devise::RegistrationsController
before_action :configure_sign_up_params, only: [:create]
before_action :configure_account_update_params, only: [:update]
before_action -> {authenticate_user!(force:true)}, only: [:new, :create, :destroy]
...another methods without modification
And my file routes
Rails.application.routes.draw do
devise_for :users, controllers: {
sessions: 'users/sessions',
passwords: 'users/passwords',
registrations: 'users/registrations',
confirmations: 'users/confirmations'
}
resources :enrolls
resources :students
resources :trainings
resources :instructors
# Certificates
get 'certificates/:id', to: 'certificates#index'
# Dashboard
get 'dashboard', to: 'dashboards#index'
root :to => redirect('/dashboard')
end
So, After this , I can to authenticate and to protect all routes, but after authenticate, the route /users/sign_up(.:format) for registration don´t working,dont open the form for register, this route are protected even after authentication. When I type this route , the application redirect again for dashboard (root).
Can someone please help me?
CodePudding user response:
Think it's a hard task for a newcomer.
Let me explain why it doesn't work, take a look at the definition of Devise::RegistrationsController https://github.com/heartcombo/devise/blob/main/app/controllers/devise/registrations_controller.rb
prepend_before_action :require_no_authentication, only: [:new, :create, :cancel]
so in your controller you'd need to do:
class Users::RegistrationsController < Devise::RegistrationsController
skip_before_action :require_no_authentication, only: [:new, :create]
...
end
This change will basically remove the before_action
defined in Devise::RegistrationsController
and you won't be redirected anymore.
CodePudding user response:
For me is working , my code is like this, Thank for your help Adam!
before_action :configure_sign_up_params, only: [:create]
before_action :configure_account_update_params, only: [:update]
before_action -> {authenticate_user!(force:true)}, only: [:new, :create, :destroy]
skip_before_action :require_no_authentication, only: [:new, :create]