Menu
In Devise, if I change user's password and after it gets updated in the db, the site immediately logs out the user. I don't want this behavior - how do i do that. please help.
427
I had the same problem and the following code seems to work for me.
Assume that the passwords controller is set for a singleton route. Also, assume that the authenticated model is an Account. With that, you have the following:
def update if current_account.update_with_password(params[:account]) sign_in(current_account, :bypass => true) flash[:notice] = 'Password updated.' redirect_to account_path else render :action => :show end end The key ingredient is the sign_in method call which seeks to re-sign-in the account, but bypasses the warden callbacks and stores the account into the session.
96
The example above did not work for me using multiple scopes in Devise.
I had to add the scope/resource name in the sign_in path for it to work, and to prevent chaos I also had to sign out the old user or else all kinds of confusion would abound.
The changes I had to make would look something like this using the above example.
def update if current_account.update_with_password(params[:account]) sign_out(current_account) sign_in(:account, current_account, :bypass => true) flash[:notice] = 'Password updated.' redirect_to account_path else render :action => :show end end Edit to add: I believe I had to forcibly sign out the user because somewhere I overrode Devise's code in order not to have users sign out during certain actions. In hindsight; not a good idea! This approach is much better! Being that it is safer to make your own Controllers versus overriding Devise's code unless it's absolutely unavoidable.
38
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
