Menu
I am launching a beta site with a select group of users. I want to disable registration in the production environment only, and only for a short period of time (i.e. I don't want to nuke my registration altogether). I know I can simply hide the "sign up" link, but I suspect that hackers smarter than I can still use the RESTful routes to accomplish registrations. What's the best way to disable registration so my test/development environments still work, but production is affected? Thanks for any pointers.
I've tried pointing named scopes in such a way that "sign_up" goes to "sign_in", but it didn't work. Here's what I've tried:
devise_scope :user do get "users/sign_in", :to => "devise/sessions#new", :as => :sign_in get "users/sign_up", :to => "devise/sessions#new", :as => :sign_up end Ideally, we'd send the user to a "pages#registration_disabled" page or something like that. I just wanted to get something working I can play around with.
EDIT: I've changed the model as requested, then added the following to /spec/user_spec.rb
describe "validations" do it "should fail registration if in production mode" do ENV['RAILS_ENV'] = "production" @user = Factory(:user).should_not be_valid end end it is passing as "true" rather than false. Is there a way to mock up the production environment? I'm just spit-balling this one.
Thanks!
311
Devise is an excellent authentication system made for Rails that allows us to easily drop-in User functionality into our project. Add Devise to your Gemfile and run bundle install. gem 'devise', '~> 3.4.0'
Devise is the cornerstone gem for Ruby on Rails authentication. With Devise, creating a User that can log in and out of your application is so simple because Devise takes care of all the controllers necessary for user creation ( users_controller ) and for user sessions ( users_sessions_controller ).
"Resource" is basically a substitute for the name of the users that app developers will utilize in the future. Devise doesn't care what users are actually called: no matter what it is called, to devise, your users will be known as simply "resource".
Edit the user model and remove :registerable, I think that should give you what you want.
Edit:
I think this would work:
if Rails.env.production? devise :database_authenticatable, :recoverable, :rememberable, :trackable, :validatable else devise :database_authenticatable, :recoverable, :rememberable, :trackable, :validatable, :registerable end Since others are having the problem I'm having (see my comments). Here is exactly how I fixed it. I used murphyslaw's idea. But you also need to make sure devise uses your new controller for the registration routing, or it won't do much for you.
Here is my controller override:
class RegistrationsController < Devise::RegistrationsController def new flash[:info] = 'Registrations are not open yet, but please check back soon' redirect_to root_path end def create flash[:info] = 'Registrations are not open yet, but please check back soon' redirect_to root_path end end I've added flash messages to inform anyone who somehow stumbles upon the registration page why it isn't working.
Here is what is in my routes.rb
if Rails.env.production? devise_for :users, :controllers => { :registrations => "registrations" } else devise_for :users end The controllers hash specifies that I want it to use my overridden registrations controller.
Anyways, I hope that saves someone some time.
45
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
