Menu
I have a Rails 3.1.3 app which uses devise for users authentication and soft-deletes them with acts_as_paranoid. I want the accounts to be undeleted upon password recreation, user sign up and user sign in, so if they provide a deleted email, I grab that account, make it live again, and then continue with the action (password recreation, or sign in).
But in the Users::SessionsController#create action, after undeletion of the user it gets an Unauthorized error (but the user should now be visible). The code is:
def create
# Take into account acts_as_paranoid deleted users
resource = resource_class.only_deleted.find_by_email(params[resource_name][:email])
resource.undelete! if resource
resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#new")
set_flash_message(:notice, :signed_in) if is_navigational_format?
sign_in(resource_name, resource)
respond_with resource, :location => after_sign_in_path_for(resource)
end
If I add a resource.reload call after the undeletion it doesn't change anything. And if I sign in again, user gets normally signed in, as it got undeleted in the previous attempt.
Why is this happening? How can I get it undeleted and signed in in a single create call?
355
Solved it with following code snippet:
def create
# Take into account acts_as_paranoid deleted users
if (resource = resource_class.only_deleted.find_by_email(params[resource_name][:email]))
resource.undelete!
# Copied from Warden::Strategies database_authenticatable:
sign_in resource if resource.valid_password?(params[resource_name][:password])
end
super
end
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With