Rails form_with: is local:true the same as remote:false? - ruby-on-rails-5

In other words, are these two clauses just mirror images of each other? The documentation for form_with isn't clear on this.

local:true the same as remote:false?
If you mean that remote: false of form_for and local: true of form_with are same, then yes, they both are same!. But if mean the remote: false and local: true of form_with are same, then IDK. Infact there isn't any option called remote available in form_with.
The below are the details from form_with and form_for
:local - By default form submits are remote and unobstrusive XHRs.
Disable remote submits with local: true.
and
:remote - If set to true, will allow the Unobtrusive JavaScript
drivers to control the submit behavior. By default this behavior is an
ajax submit.

Related

How can I include the authenticity_token without using form_for?

I have many small pages that do not correspond to standard resource-based forms in my Rails 3.2.13 project. I am using Ajax calls from these forms to do POSTs. I'm getting the error:
WARNING: Can't verify CSRF token authenticity
which is causing my session to be invalidated and I'm redirected to the login page.
How can I include the CSRF stuff without using form_for?
To include the hidden input field with CSRF token in your view, use
<%= hidden_field_tag(request_forgery_protection_token.to_s, form_authenticity_token) %>
form_for uses the method FormTagHelper.token_tag, but it's a private method and can't be used directly.

Rails 3 - Can Active_admin use an existing user model?

Can Active Admin use my current Devise user model? It already has a column named admin, and if it's true, I'd like to bypass the Active admin login, when going to /admin.
Is this possible?
Current routes:
#Active admin
ActiveAdmin.routes(self)
#Devise
devise_for :admin_users, ActiveAdmin::Devise.config
devise_for :users, :path => "account"
The rest is basically standard Devise + Active admin
Yes you can do that, when running the generator skip the user model creation:
rails generate active_admin:install --skip-users
Then in your config/initializers/active_admin.rb :
# == User Authentication
#
# Active Admin will automatically call an authentication
# method in a before filter of all controller actions to
# ensure that there is a currently logged in admin user.
#
# This setting changes the method which Active Admin calls
# within the controller.
config.authentication_method = :authenticate_admin!
uncomment config.authentication_method and provide your authentication method for your admin, for example:
# app/controllers/application_controller.rb
def authenticate_admin!
redirect_to new_user_session_path unless current_user.is_admin?
end
Restart your server and It should be working. Also Take a look to Active Admin Configuration
Hope this helps.
As stated earlier, you will need to update your config/initializers/active_admin.rb to reflect the correct auth method.
Additionally, however, you will want to update the following settings as well:
# This setting changes the method which Active Admin calls
# to return the currently logged in user.
config.current_user_method = :current_admin_user
to
config.current_user_method = :current_user
and
# This setting changes the path where the link points to. If it's
# a string, the strings is used as the path. If it's a Symbol, we
# will call the method to return the path.
#
# Default:
config.logout_link_path = :destroy_admin_user_session_path
to
config.logout_link_path = :destroy_user_session_path
Of course, you don't HAVE to update these (or the method mentioned in the post), and just over-ride the methods elsewhere, but this seems to be the easiest / cleanest approach. You will obviously need to substitute "user" in each setting (current_USER) with the name of the model using devise authentication.
I would also recommend updating the following setting as well while you are in there:
# This setting changes the http method used when rendering the
# link. For example :get, :delete, :put, etc..
#
# Default:
config.logout_link_method = :get
to
config.logout_link_method = :delete
This last change is required if the default HTTP method used by your devise config is set to :delete, which it is unless you changed it. It matters that they are now synced because if you follow these instructions, you will be using destroy_user_session_path which is a path already defined by devise. Otherwise you will get a message stating that [GET] /users/sign_out route does not exist.
Here's the process if you have already installed ActiveAdmin with default settings, and you want to authenticate users with User.is_admin field on your existing model, and remove admin_user table:
Rollback admin_user migrations (if you didn't use --skip-users when installing Active Admin):
rake db:migrate:down VERSION=20141205110842 # create_active_admin_comments.rb
rake db:migrate:down VERSION=20141205110831 # add_devise_to_admin_users.rb
rake db:migrate:down VERSION=20141205110820 # devise_create_admin_users.rb
Then remove those 3 files.
In routing, remove the line devise_for :admin_users, ActiveAdmin::Devise.config
In application_controller.rb, add:
def authenticate_admin!
if current_user && current_user.is_admin
# fine
else
redirect_to new_user_session_path
end
end
In active_admin.rb:
config.authentication_method = :authenticate_admin!
config.current_user_method = :current_user
config.logout_link_path = :destroy_user_session_path
config.allow_comments = false
config.logout_link_method = :get # couldn't get active_admin to sign out via :delete. So I configure devise to sign out via :get.
To configure devise to sign out via :get, add in devise.rb:
config.sign_out_via = :get
# And for every occurrence of destroy_user_session_path, remove the option method: delete.
Create is_admin migration:
rails g migration add_is_admin_to_user is_admin:boolean
Edit the migration like so:
class AddIsAdminToUser < ActiveRecord::Migration
def change
add_column :users, :is_admin, :boolean, default: false
end
end
And migrate:
rake db:migrate
If in rails 4, don't forget to add is_admin in permit_params. In app/admin/user.rb:
permit_params ....., :is_admin
Add rights to admin users, in a console:
u = User.find(42); u.is_admin = true; u.save
Enjoy
All of what everyone else has said as well as in conjunction with the guide laid out at
http://dan.doezema.com/2012/02/how-to-implement-a-single-user-model-with-rails-activeadmin-and-devise/
that adds some additional bits on information if you are choosing to revert back to the option to have a single user model when you have already implemented an admin_user model (ie right now you have a 'user' as well as an 'admin_user' model).
The additional steps included
remove devise_for :admin_users, ActiveAdmin::Devise.config from routes.rb
copy code from app/admin/admin_user.rb to app/admin/user.rb (only use what is required)
delete app/admin/admin_user.rb (or you will get an Uninitialized constant error on AdminUser) like this guy had (and me as well).

How to do confirmation with devise authentication in Ruby on Rails

I am using devise in my application for authentication. When I try to register, I get the following error:
Missing host to link to! Please provide the :host parameter, set default_url_options[:host], or set :only_path to true
I am using :comfirmable and had uncommented t.confirmable in the migration
In order to use confirmable module you need to configure ActionMailer that is used by devise for sending confirmation emails. First step for solving your problem is setting up mailer host in you environment.rb or in the corresponding file for a particular environment like that:
config.action_mailer.default_url_options = { :host => “example.com” }
For further steps have a look at this rails guide and answers to this question.

Devise and Stateless tokens in Rails

I got an API that I have developed using Rails 3 and Devise. I am using tokens (token_authenticatable) for authentication for requests made to the API from a client. I want to be able to switch between users in the requests just be replacing the token.
I heard about a setting called :stateless_token (boolean) but I cannot figure out where to put this setting. Is there another way?
If found the token_authenticatable here:
https://github.com/plataformatec/devise/blob/master/lib/devise/strategies/token_authenticatable.rb
If found info about the stateless_token here:
http://rdoc.info/github/plataformatec/devise/master/Devise/Models/TokenAuthenticatable
stateless_token is deprecated as of now. This is the new form (it allows more auth strategies to be stateless):
# config/initializers/devise.rb
config.skip_session_storage = [:token_auth]
You can also edit the file /config/initializers/devise.rb and put (or uncomment, if already there) the following line:
config.stateless_token = true
It should be an option in your devise_for line in the routes file.
devise_for :users, :stateless_token => true
Let me know if that works,
In this page of documentation for devise it says that "TokenAuthenticatable adds the following options to devise_for:" with stateless token being one of them.
Also here is a link to the devise_for documentation

Setting Up Devise & Sendgrid on Heroku

My site is hosted on Heroku and I installed the Sendgrid Add-On as it looked almost too good to be true - but so far none of the email functionality is working. I have read the documentation and it clearly says just add-the add on - is more configuration required to get Devise working?
When I select 'send me new password' I get a 404 page which makes me think there is more to this. Like how does Sendgrid know/where to use the pre-installed Devise templates?
Thx.
I just set up Devise and SendGrid this morning and have no problems. I'm going to resume the steps I took.
First, install Devise and SendGrid. Congratulations, you've already done that ;)
Then, for production, add this to your files:
config/initializers/devise.rb :
config.mailer_sender = "mail-to-send#from.com"
Set up Rails ActionMailer to use SendGrid
config/environments/production.rb
config.action_mailer.default_url_options = { :host => 'your.websitedomain.com' }
ActionMailer::Base.smtp_settings = {
:user_name => ENV['SENDGRID_USERNAME'],
:password => ENV['SENDGRID_PASSWORD'],
:address => "smtp.sendgrid.net",
:port => 587,
:enable_starttls_auto => true,
:authentication => :plain,
:domain => "yourdomain.com"
}
And everything's working great with that. Sign up confirmations, password recovery...
Also, you should use Logging Expanded (it's Free!) and check your logs with heroku logs --tail (for real time).
If you still get errors, post your logs.
Have a good day !
I've used the sendgrid Add-On and it really should just work. Like you said, even the docs say so:
Rails apps using ActionMailer will just work, no setup is needed after the add-on is installed.
So, this makes me think something else is going on. Have you tried using the heroku logs command to see if your application is logging any errors?