Add a logout button in RESTFUL authentication

Question

I've installed RESTFUL authentication and everything seems to be working fine. i can signup and login. the only way i can logout is by typing in the URL http://localhost:3000/logout

how do i add a logout button on a page? i tried adding one to the members.rhtml

<%= link_to "logout", :controller=> "sessions", :action=> "destroy" %>

which references the session_controller.rb but i get an error "No action responded to show. Actions: create, destroy, and new"

any thoughts? thanx

Answer 1

What do you have in your routes file?

Try putting

map.log_out 'logout', :controller => 'sessions', :action => 'destroy'

in your routes.

Then just have

<%= link_to "Sign out", log_out_url %>

for the sign out link.

EDIT

Its all down to how you specify the routing.

Because you had the map.log_out in the routing, then the url http://localhost:3000/logout url is picked up by this and routed to the correct action.

If you have :

<%= link_to "logout", :controller=> "sessions", :action=> "destroy" %>

This will just generate a link for you of http://localhost:3000/session. But, it does nothing to the routing. You still need to specify the correct routes.

Note that Rails does not append the destroy action to the url. (It will not create http://localhost:3000/session/destroy.) It assumes that if you have an action of destroy that you will be sending it with a DELETE http verb. For some reason, its not quite perfect and it doesnt actually also default to sending the DELETE verb.

You can force it to do this :

<%= link_to "logout", {:controller=> "user_sessions", :action=> "destroy"}, :method => :delete%>

This will still not work unless you also route it correctly. If you put the following into the routes :

map.resource :session

Then rails will generate the routing for all the verbs and specify the default actions for them, including DELETE. More information can be found here : Rails Routing from the Outside In.

That whole page is worth reading over and over until you really understand it. Routing is key to understanding Rails!

For a simple controller like Sessions, it is easier just to specify the log_out route and then link to log_out_url..

(Hope that makes sense, sleep deprivation is creeping in!)

Answer 2

If you are using devise and your concerned model is User, the elegant way is here:

<%= link_to 'logout', destroy_user_session_path, method: :delete %>

It works because:

• due to HTTP methods are GET, POST, PUT, PATCH and DELETE, so using method: :delete (not method: :destroy)
• we're using destroy_user_session_path with devise and User model as usual, if you define other model name such as Manager you just change logout path to destroy_manager_session_path