Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Redirect to log in page if user is not authenticated with Devise

Tags:

ruby-on-rails

ruby-on-rails-4

devise

warden

I'm using Devise with Ruby on Rails.

What is the recommended way to redirect unauthenticated users to the sessions#new page if they attempt to access a page that requires authentication?

Right now I get an error that says no route matches the one they attempt to access (leading to a 404 error in production).

like image 320
Gdeglin Avatar asked May 09 '14 02:05

Gdeglin

4 Answers

Just simple add this method to application_controller.rb

  protected
  def authenticate_user!
    if user_signed_in?
      super
    else
      redirect_to login_path, :notice => 'if you want to add a notice'
      ## if you want render 404 page
      ## render :file => File.join(Rails.root, 'public/404'), :formats => [:html], :status => 404, :layout => false
    end
  end

And you can call this method on before_filter another controllers you want.

e.g : 

class HomesController < ApplicationController
  before_filter :authenticate_user!
  ## if you want spesific action for require authentication
  ## before_filter :authenticate_user!, :only => [:action1, :action2]
end

Don't forget add login_path into routes.rb

devise_scope :user do
  match '/sign-in' => "devise/sessions#new", :as => :login
end

note : I always use this way when play with devise for my apps authentication.. (rails 3.2 and rails 4.0.1)

like image 144
GeekToL Avatar answered Nov 07 '22 09:11

GeekToL

You can do just like GeekTol wrote, or just put

before_action :authenticate_user!

in your controller.

In this case, devise uses the default authenticate_user! method, that will redirect to the "user_session_path" and use the default flash message.

It's not necessary to rewrite authenticate_user! method, unless you want to customize it.

like image 29
imtk Avatar answered Nov 07 '22 10:11

imtk

I thought you could just add: before_action :authenticate_user! to each controller that required the user to be logged in.

I'm a Rails beginner but I found this in my own searches and it works well in my application.

like image 3
comphelp Avatar answered Nov 07 '22 08:11

comphelp

You should refer to Devise's own How To: How To: Redirect to a specific page when the user can not be authenticated.

Another alternative I can think of is creating a routing Constraint wrapping your protected routes. You'd better stick to Devise's way, but here is an example:

#On your routes.rb
constraints(Constraints::LoginRequired) do
  get '/example' 
end

#Somewhere like lib/constraints/login_required.rb
module Constraints
  class LoginRequired
    def self.matches?(request)
      #some devise code that checks if the user is logged in
    end 
  end
end
like image 2
Lucas Polonio Avatar answered Nov 07 '22 10:11

Lucas Polonio
Sign in to Comment

Related questions

Devise: Create users without password
defined? method in Ruby and Rails
ruby on rails find_or_initialize
rails rbenv: rails: command not found
Adding a Model Reference to existing Rails model
Add I18n translations to rspec tests
Ruby on rails connection problem
WARNING: Nokogiri was built against LibXML version 2.7.7, but has dynamically loaded 2.6.16
Perform sidekiq job synchronously [duplicate]
Expecting errors in rspec tests
How to unit-test a JSON controller?
Why do date helpers not work in Rails console?
Passing Variable to Partial - undefined local variable or method error
Rails where condition with nil value
Creating Rails 3.1 app with Postgresql database (OSX Lion)
Rails - best way to display code only in production?
Deploying to heroku with git keeps getting rejected due to fast-forwards
Rails how to switch between dev and production mode?
How do you install Rails 4.0 in an RVM gemset?
Why is my rails db:migrate not working?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!