Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Devise multiple concurrent logins

I have an existing Rails 3 site. This site uses Devise to log in.

Now I need to add a subsite with a separate login. Let's say that it is at mysite.com/special. Everybody that go to /special need to sign in with a different set of credentials than the main site. These credentials are not valid for the main site but they must, in parallel, be able to log into the main site and stay logged in both.

To complicate the picture a bit, 'special' users are able to impersonate a subset of regular users. If they do impersonate, sign out of the impersonation and so forth, they must remain logged into the special site until they explicitly sign out there.

My initial idea was to use a separate session cookie for this entire subsite but I don't know how to do that. I tried setting something like this up but it is almost guesswork at this point.

scope '/special' do 
    devise_for :special_users, :controllers => { :sessions => "special/sessions" }, :skip => "registrations", :module => "special_users"
    unauthenticated do
      as :special_user do
        root :to => 'special/sessions#new'
      end
    end
end  

Unfortunately, I'm a bit new to Rails and this seems to be rather complicated. Is it even possible with Devise and if so, do anyone have any pointers as to how to go about it?

like image 904
Jan Avatar asked Jul 06 '26 01:07

Jan


1 Answers

As it turns out, this is what scopes are for. Everything makes much more sense when you know what they call it ;) Anyway, Qumaras' comment above was actually on the right track), and the tutorials and wikis are generally good sources of information. One possible approach:

  devise_for :spuser, :controllers => { :sessions => "sp/spusers/sessions"}
  as :spuser do # as = equiv. to devise_scope
    # add spuser specific items here, such as:
    unauthenticated :spuser do
      root :to => 'sp/spusers/sessions#new'
    end
  end

Then if you want to sign in another tab as a regular user, you could do this in a controller.

def impersonate
  @user = User.first
  sign_in(:user, @user)
  redirect_to '/main'
end

And wire the impersonate action up in routes.rb

resources :regularcustomers do
  member do
    get :impersonate
  end
end

and then you can call it in a view:

<%= link_to @customer.name, impersonate_regularcustomers_path(@customer), :target => 'impersonationtab' %>
like image 96
Jan Avatar answered Jul 07 '26 15:07

Jan



Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!