Home > Mobile >  Rails - Authentication Devise - Problem About authenticate_user
Rails - Authentication Devise - Problem About authenticate_user

Time:10-03

please !

I'm taking first steps in Ruby on Rails and I have a problem for to implements authentication with Devise. In short , this is scenario:

I want that the users can register a new user only inside the aplication, in other words, only after to authenticate. So I used the line of code above,

authenticate_user!(force:true) for to protect the route of register.

class Users::RegistrationsController < Devise::RegistrationsController
 
  before_action :configure_sign_up_params, only: [:create]
  before_action :configure_account_update_params, only: [:update]
  before_action -> {authenticate_user!(force:true)}, only: [:new, :create, :destroy]

...another methods without modification

And my file routes

Rails.application.routes.draw do

  devise_for :users, controllers: {
    sessions: 'users/sessions',
    passwords: 'users/passwords',
    registrations: 'users/registrations',
    confirmations: 'users/confirmations'
  }

  resources :enrolls
  resources :students
  resources :trainings
  resources :instructors

  # Certificates
  get 'certificates/:id', to: 'certificates#index'

  # Dashboard 
  get 'dashboard', to: 'dashboards#index'


  root :to => redirect('/dashboard')

end

So, After this , I can to authenticate and to protect all routes, but after authenticate, the route /users/sign_up(.:format) for registration don´t working,dont open the form for register, this route are protected even after authentication. When I type this route , the application redirect again for dashboard (root).

Can someone please help me?

CodePudding user response:

Think it's a hard task for a newcomer.

Let me explain why it doesn't work, take a look at the definition of Devise::RegistrationsController https://github.com/heartcombo/devise/blob/main/app/controllers/devise/registrations_controller.rb

  prepend_before_action :require_no_authentication, only: [:new, :create, :cancel]

so in your controller you'd need to do:

class Users::RegistrationsController < Devise::RegistrationsController
skip_before_action :require_no_authentication, only: [:new, :create]
...
end

This change will basically remove the before_action defined in Devise::RegistrationsController and you won't be redirected anymore.

CodePudding user response:

For me is working , my code is like this, Thank for your help Adam!

  before_action :configure_sign_up_params, only: [:create]
  before_action :configure_account_update_params, only: [:update]
  before_action -> {authenticate_user!(force:true)}, only: [:new, :create, :destroy]
  skip_before_action :require_no_authentication, only: [:new, :create]
  • Related