I'm starting my first project with Active Admin.
To use another model for my users I use the following command :
rails generate active_admin:install User
After this I make this change in active_admin initializer :
config.authentication_method = :authenticate_user!
config.current_user_method = :current_user
I'm correctly login my application but on the home page I get this error :
undefined method `destroy_admin_user_session_path' for #<ActiveAdmin::Views::HeaderRenderer:0x007ff8fa086a60>
How can I fix it properly ?
Solved by editing initializer :
config.logout_link_path = :destroy_user_session_path
This is addition to #Awea answer. Use togather with that.
Check rails routing table for destroy_user_session.
For example devise token auth make route table entry like this:
destroy_user_session DELETE /auth/sign_out(.:format) devise_token_auth/sessions#destroy
But default method for activeadmin logout link is :get and it will not work.
To make it worked properly add to config/initializers/active_admin.rb also and:
config.logout_link_method = :delete
Related
I am trying to allow users profiles to be viewed. I am using devise and have followed Creating a Users show page using Devise
Currently has a route of '/users/1' with 1 being the id of the user. I would like to make it '/users/username'.
I tried to implement this by doing:
"config/routes.rb"
match '/users/:username', to: 'users#show', via: 'get'
"app/controllers/users_controller.rb"
def show
#user = User.find(params[:username])
end
Even with this ^^ the route is still 'users/1'
Use FriendlyId, it is easy to use.
https://github.com/norman/friendly_id
http://railscasts.com/episodes/314-pretty-urls-with-friendlyid?view=asciicast
I need to sign in fron non-devise controller. I found this link from devise wiki, but I get error :
wrong number of arguments (2 for 0)
I did exactly like in the link. What went wrong? Thanks
My code :
sign_in(:site, Site.find(params["si"]))
sign_in(:user, User.find(params[:id])
If you do a binding.pry after you'll see that current_user is set.
For some reason, doing a redirect after this will make current_user nil.
That's why I set something in the session like this and then redirect, and then check if that session id is set and then use it to do the above code:
session[:new_user_id] = params[:id]
you need to pass agruments post you code for clarity
sign_in(:user, User.find(params[:id]))
I'm probably late. But had the same problem and as it turns out I had a sign_in method in my users controller.
Did you check for a sign_in method in the controller where you are calling the sign_in method?
I am using devise in my rails app to user sign up/in. On sign up, i want to redirect user to its profile page.
I did rake routes and for edit, root is :
/profiles/:id/edit
I wrote this in registrations controller:
def after_sign_up_path_for(resource)
'http://localhost:3000/profiles/#{resource.id}/edit'
end
But it is not working. Can anybody help?
shouldn't you use:
def after_sign_up_path_for(resource)
edit_profile_path(resource)
end
instead of hardcoded http://localhost:3000/profiles/#{resource.id}/edit
would be helpfull to have your routes file posted too.
We have an existing user base and are adding email confirmation. Confirmation is optional but will allow additional features. Users are not required to confirm. I've added the confirmable module and ran migrations. Confirmation works as advertised.
But, users cannot log in since they are not confirmed. All current users have nil confirmation values, which is what we want (users can go back and confirm their email at any time). I've followed all the Devise wiki articles and set allow_unconfirmed_access_for in the initializer:
config.allow_unconfirmed_access_for = 10.years
I've also tried setting it in our user model as well:
devise :confirmable, allow_unconfirmed_access_for: 10.years
I've also tried using other values (1.year, 500.days, etc.)
My SessionsController, which does not differ much from Devise's method (here on github)
class Users::SessionsController < Devise::SessionsController
respond_to :json
def new
redirect_to "/#login"
end
def create
resource = warden.authenticate(auth_options)
if !resource
render json: {error: "Invalid email or password" }, status: 401 and return
end
sign_in(resource_name, resource)
render "sign_in", formats: [:json], locals: { object: resource }
end
end
Devise's the response:
{"error": "You have to confirm your account before continuing."}
Devise 2.1.2 with Rails 3.2.9.
The Devise team have released a version (2.2.4) that supports nil as a valid value for allow_unconfirmed_access_for, meaning no limit. Issue: https://github.com/plataformatec/devise/issues/2275
You can now do:
config.allow_unconfirmed_access_for = nil
I simply needed to do this in my User model, instead of using allow_unconfirmed_access_for:
protected
def confirmation_required?
false
end
I've got the same issue: after turning on devise confirmations previously created accounts are unable to login.
The reason is here:
def confirmation_period_valid?
self.class.allow_unconfirmed_access_for.nil? || (confirmation_sent_at && confirmation_sent_at.utc >= self.class.allow_unconfirmed_access_for.ago)
end
Old accounts have confirmation_sent_at set to nil, that's why they are unable to log in.
One solution is to force confirmation_sent_at like that:
update users set confirmation_sent_at=created_at where confirmation_sent_at is NULL;
You can do it manually, or create a migration.
I'm trying to implement switch_user gem in my existing rails 3.0.9 application.
There are two models on my application, they are
User - for my customer accounts and it has_one Account
AdminUser - This was created by ActiveAdmin
I have already enabled devise authentication for Users and ActiveAdmin also working pretty much well with AdminUser. Now from my Active Admin interface I'd like to select the Accounts and login to those account just like the account owner does. Switch user is working fine but the problem is anyone can simply login to the user accounts now if they know the urls.
http://localhost:3000/switch_user?scope_identifier=user_1
All I need is allow only an AdminUser (i.e if there is an ActiveAdmin session) to access the User's accounts.
This is how my /config/initializers/switch_user.rb looks like
SwitchUser.setup do |config|
config.controller_guard = lambda { |current_user, request| current_admin_user.nil?}
config.redirect_path = lambda { |request, params| "/dashboard" }
end
But I get this error
NameError in SwitchUserController#set_current_user
undefined local variable or method `current_admin_user' for main:Object
Is there anyway I can access the active admin session?
Code for /config/initializers/active_admin.rb
ActiveAdmin.setup do |config|
config.site_title = "MyAppName"
config.authentication_method = :authenticate_admin_user!
config.current_user_method = :current_admin_user
end
btw in my application controller I haven't created any methods for authenticate_admin_user , current_admin_user active admin works fine without them.
You need modify local config/initializers/switch_user.rb:
config.controller_guard = lambda { |current_user, request, original_user, controller|
controller.admin_user_signed_in?
}
Original lambda has 2 arguments.
Just append more (up to 4) and use it.
Don't forget restart rails server :)
OK I think I found a solution to secure the switch_user. All I did is moving the routes inside the admin_users scope
ActiveAdmin.routes(self)
devise_for :admin_users, ActiveAdmin::Devise.config do
match '/admin/switch_user', :controller => 'switch_user', :action => 'set_current_user'
end