I had an existing User model before I installed Devise so I followed the instructions here.
I even generated the devise views. But when I am at my localhost and type in localhost:3000/users/sign_in or any of the other routes available to me via devise, it doesn't work.
Also, my existing RESTful routes for users that I got from using
resources :users
are no longer available unless I have both:
devise_for :users
resources :users
but I thought I was supposed to delete the resources :users when I had the devise_for :users line in my routes file.
What is going on? Does anyone have any idea?
EDIT
The issue is when I go to users/password, it tells me that there is no user with ID=password, but this route is available to me.
I also have issues with the users/sign_in and users/sign_out. It redirects back to my root path for some reason. Sometimes it works, other times it doesn't and I am not sure why. The log looks like this:
Started GET "/users/sign_in" for 127.0.0.1 at 2011-09-16 19:05:43 -0400
Processing by Devise::SessionsController#new as HTML
User Load (0.3ms) SELECT `users`.* FROM `users` WHERE `users`.`id` = 1 LIMIT 1
Redirected to http://localhost:3000/
What exactly doesn't work here? Are you getting anything useful in the logs or elsewhere? Also, have you setup your :users model to include the devise :recoverable, :authenticateable, ..., etc.?
You need both devise_for and resources defined in your config/routes.rb. devise_for sets up routes that will go to the devise controllers, but does not handle anything else. So you will still need normal resourceful routes for the user model to do add, update, delete, etc.
Related
I've integrated dotPay to my Spree site for payments. The user after choosing this option is redirected from my site to dotPay's. He pays what is needed there and then he can click a button which will return him to my site. And here lays the problem. When he returns he is no longer logged in and I need him to be.
A bit strange thing (to me maybe) he is being redirected via POST request - can't change that. With that I also get a warning Can't verify CSRF token authenticity not sure if that might have anything to do with it.
Any suggestion are very much welcome.
P.S. I'm using Spree 1-3-stable, Rails 3.2.13, Devise 2.2.3, Ruby 1.9.3
For specific actions, you can disable CSRF checking by adding a line like this to the controller:
protect_from_forgery :except => [:callback_from_dotpay]
conversely, you can specify which actions to protect, like this:
protect_from_forgery :only => [:create, :update, :delete]
Alternatively, to turn it off completely for an entire controller, you can do this (Rails 2, 3):
skip_before_filter :verify_authenticity_token
If you decide to jump on the bleeding edge, Rails 4 wants you to do it this way:
skip_before_action :verify_authenticity_token
Well, in the end I've ended up with removing the CSRF verification. I'm not 100% sure, but I can't send my authenticity_token to dotPay (well, I can, but they won't return it). However, they are generating a md5, which I can check and also I'm checking the IP address where it's coming from.
I have an application with Devise (2.2.3) and Active Admin (0.5.1) I installed Devise first, and then Active Admin afterwards. The entire app needs to sit behind a login, so in my application controller I have the following:
before_filter :authenticate_user!
However, since installing Active Admin to the root namespace (config.default_namespace = false, in initializers/active_admin.rb), my application now won't let anyone login. It creates a redirect loop to the path /users/login.
I've tried alleviating this by adding a skip_before_filter in my config/application.rb file, but this hasn't worked
config.to_prepare do
Devise::SessionsController.skip_before_filter :authenticate_user!
UsersController.skip_before_filter :authenticate_user!
end
and I also added the following to app/admin/user.rb
controller do
skip_before_filter :authenticate_user!
end
which also did nothing. Finally, I tried explicitly excluding the two controllers in my application_controller.rb, but this also did nothing.
before_filter :authenticate_user!, except: {controller: [:users, 'devise/sessions']}
How do I get around this rather annoying problem?
Solved the issue by changing my routes around. The ActiveAdmin routes need to come after the Devise routes, like so:
devise_for :users, ActiveAdmin::Devise.config
ActiveAdmin.routes(self)
Believe this occurred because I installed ActiveAdmin after I'd installed and configured Devise.
I did
rails generate controller home index
But it adds this line to my routes.rb
get "home/index"
I thought Rails could deduce controller/method from the URL automatically? Why do I need to specify every get/post page?
Here's my complete routes.rb file:
Callisto2::Application.routes.draw do
root :to => "home#index"
resources :assets
end
root "/" works fine. so does /assets/*.
What's the problem with /home/index? I get the error:
Routing Error
No route matches [GET] "/home/index"
Try running rake routes for more information on available routes.
rake routes (run as apache user) gives me the following output:
root / home#index
Thanks for any clarifications. Not sure what I'm missing.
Edit: I didn't make this clear: I manually removed get /home/index from routes.rb to keep that file clean.
Rails used to add the so called catch all route at the bottom of your routes file:
match ':controller(/:action(/:id(.:format)))'
There was nothing 'automatic' or magical about these urls, just that every rails app started out with this route in their routes.rb
This has fallen out of favour, at least partially because it makes everything accessible over get, whereas
resources :books
Adds each route with the appropriate http verb. Listing routes explicitly is also a lot less verbose than when rails started out.
If your controller is home and the action is index your path is just /home.
You can find more information here.
I followed the basic steps to add authentication to Rails using Devise from their page, but every time I try to visit a default page (such as the Sign In or Sign Up pages), I get:
Routing Error
No route matches {:controller=>"devise/Home"}
This happens whether I link to the page in a view using
link_to('Register', new_user_registration_path)
or just visit "/users/sign_up".
This is a different error from when I visit a page with no route defined (No route matches [GET] "/users/bad_example"), and
devise_for :users
is already present in my routes.rb. I have even tried generating views (rails g devise:views) to no avail. It looks like Devise isn't generating/using a controller or some such. How do I go about fixing this?
Here are some files that may help:
routes.rb
rake routes output
It turns out the problem was not with Devise, but with my routes file. I have fixed my routes file as seen at http://guides.rubyonrails.org/routing.html and now this works properly.
I am using activeadmin gem which is going fine, now i want to add its authentication to some external pages or as MVC you say to some action. don't mix it with the actions which can be added from admin/users.rd files. these are those action that reside out side of activeadmin.
To use a Devise (which Active Admin uses for authentication) for a page in the same app but not an actual Active Admin page I did the following:
in my routes.rb I added a new route:
devise_scope :admin_user do
resources :products
end
then in my products_controller.rb i added a before_filter to restrict access:
class ProductsController < ApplicationController
before_filter :authenticate_admin_user!
Hope that helps!