Module: Devise::Controllers::Helpers
- Extended by:
- ActiveSupport::Concern
- Includes:
- SignInOut, StoreLocation
- Defined in:
- lib/devise/controllers/helpers.rb
Overview
Those helpers are convenience methods added to ApplicationController.
Defined Under Namespace
Modules: ClassMethods
Class Method Summary collapse
-
.define_helpers(mapping) ⇒ Object
Define authentication filters and accessor helpers based on mappings.
Instance Method Summary collapse
-
#after_sign_in_path_for(resource_or_scope) ⇒ Object
The default url to be used after signing in.
-
#after_sign_out_path_for(resource_or_scope) ⇒ Object
Method used by sessions controller to sign out a user.
-
#allow_params_authentication! ⇒ Object
Tell warden that params authentication is allowed for that specific page.
-
#devise_controller? ⇒ Boolean
Return true if it’s a devise_controller.
-
#devise_parameter_sanitizer ⇒ Object
Setup a param sanitizer to filter parameters using strong_parameters.
-
#handle_unverified_request ⇒ Object
Overwrite Rails’ handle unverified request to sign out all scopes, clear run strategies and remove cached variables.
-
#is_flashing_format? ⇒ Boolean
Check if flash messages should be emitted.
- #is_navigational_format? ⇒ Boolean
- #request_format ⇒ Object
-
#sign_in_and_redirect(resource_or_scope, *args) ⇒ Object
Sign in a user and tries to redirect first to the stored location and then to the url specified by after_sign_in_path_for.
-
#sign_out_and_redirect(resource_or_scope) ⇒ Object
Sign out a user and tries to redirect to the url specified by after_sign_out_path_for.
-
#signed_in_root_path(resource_or_scope) ⇒ Object
The scope root url to be used when they’re signed in.
-
#warden ⇒ Object
The main accessor for the warden proxy instance.
Methods included from StoreLocation
#store_location_for, #stored_location_for
Methods included from SignInOut
#sign_in, #sign_out, #sign_out_all_scopes, #signed_in?
Class Method Details
.define_helpers(mapping) ⇒ Object
Define authentication filters and accessor helpers based on mappings. These filters should be used inside the controllers as before_filters, so you can control the scope of the user who should be signed in to access that specific controller/action. Example:
Roles:
User
Admin
Generated methods:
authenticate_user! # Signs user in or redirect
authenticate_admin! # Signs admin in or redirect
user_signed_in? # Checks whether there is a user signed in or not
admin_signed_in? # Checks whether there is an admin signed in or not
current_user # Current signed in user
current_admin # Current signed in admin
user_session # Session data available only to the user scope
admin_session # Session data available only to the admin scope
Use:
before_filter :authenticate_user! # Tell devise to use :user map
before_filter :authenticate_admin! # Tell devise to use :admin map
44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
# File 'lib/devise/controllers/helpers.rb', line 44 def self.define_helpers(mapping) #:nodoc: mapping = mapping.name class_eval <<-METHODS, __FILE__, __LINE__ + 1 def authenticate_#{mapping}!(opts={}) opts[:scope] = :#{mapping} warden.authenticate!(opts) if !devise_controller? || opts.delete(:force) end def #{mapping}_signed_in? !!current_#{mapping} end def current_#{mapping} @current_#{mapping} ||= warden.authenticate(scope: :#{mapping}) end def #{mapping}_session current_#{mapping} && warden.session(:#{mapping}) end METHODS ActiveSupport.on_load(:action_controller) do helper_method "current_#{mapping}", "#{mapping}_signed_in?", "#{mapping}_session" end end |
Instance Method Details
#after_sign_in_path_for(resource_or_scope) ⇒ Object
The default url to be used after signing in. This is used by all Devise controllers and you can overwrite it in your ApplicationController to provide a custom hook for a custom resource.
By default, it first tries to find a valid resource_return_to key in the session, then it fallbacks to resource_root_path, otherwise it uses the root path. For a user scope, you can define the default url in the following way:
map.user_root '/users', controller: 'users' # creates user_root_path
map.namespace :user do |user|
user.root controller: 'users' # creates user_root_path
end
If the resource root path is not defined, root_path is used. However, if this default is not enough, you can customize it, for example:
def after_sign_in_path_for(resource)
stored_location_for(resource) ||
if resource.is_a?(User) && resource.can_publish?
publisher_url
else
super
end
end
142 143 144 |
# File 'lib/devise/controllers/helpers.rb', line 142 def after_sign_in_path_for(resource_or_scope) stored_location_for(resource_or_scope) || signed_in_root_path(resource_or_scope) end |
#after_sign_out_path_for(resource_or_scope) ⇒ Object
Method used by sessions controller to sign out a user. You can overwrite it in your ApplicationController to provide a custom hook for a custom scope. Notice that differently from after_sign_in_path_for
this method receives a symbol with the scope, and not the resource.
By default it is the root_path.
152 153 154 |
# File 'lib/devise/controllers/helpers.rb', line 152 def after_sign_out_path_for(resource_or_scope) respond_to?(:root_path) ? root_path : "/" end |
#allow_params_authentication! ⇒ Object
Tell warden that params authentication is allowed for that specific page.
97 98 99 |
# File 'lib/devise/controllers/helpers.rb', line 97 def allow_params_authentication! request.env["devise.allow_params_authentication"] = true end |
#devise_controller? ⇒ Boolean
Return true if it’s a devise_controller. false to all controllers unless the controllers defined inside devise. Useful if you want to apply a before filter to all controllers, except the ones in devise:
before_filter :my_filter, unless: :devise_controller?
81 82 83 |
# File 'lib/devise/controllers/helpers.rb', line 81 def devise_controller? is_a?(::DeviseController) end |
#devise_parameter_sanitizer ⇒ Object
Setup a param sanitizer to filter parameters using strong_parameters. See lib/devise/parameter_sanitizer.rb for more info. Override this method in your application controller to use your own parameter sanitizer.
88 89 90 91 92 93 94 |
# File 'lib/devise/controllers/helpers.rb', line 88 def devise_parameter_sanitizer @devise_parameter_sanitizer ||= if defined?(ActionController::StrongParameters) Devise::ParameterSanitizer.new(resource_class, resource_name, params) else Devise::BaseSanitizer.new(resource_class, resource_name, params) end end |
#handle_unverified_request ⇒ Object
Overwrite Rails’ handle unverified request to sign out all scopes, clear run strategies and remove cached variables.
178 179 180 181 182 183 |
# File 'lib/devise/controllers/helpers.rb', line 178 def handle_unverified_request sign_out_all_scopes(false) request.env["devise.skip_storage"] = true expire_data_after_sign_out! super # call the default behaviour which resets the session end |
#is_flashing_format? ⇒ Boolean
Check if flash messages should be emitted. Default is to do it on navigational formats
195 196 197 |
# File 'lib/devise/controllers/helpers.rb', line 195 def is_flashing_format? end |
#is_navigational_format? ⇒ Boolean
189 190 191 |
# File 'lib/devise/controllers/helpers.rb', line 189 def Devise..include?(request_format) end |
#request_format ⇒ Object
185 186 187 |
# File 'lib/devise/controllers/helpers.rb', line 185 def request_format @request_format ||= request.format.try(:ref) end |
#sign_in_and_redirect(resource_or_scope, *args) ⇒ Object
Sign in a user and tries to redirect first to the stored location and then to the url specified by after_sign_in_path_for. It accepts the same parameters as the sign_in method.
159 160 161 162 163 164 165 |
# File 'lib/devise/controllers/helpers.rb', line 159 def sign_in_and_redirect(resource_or_scope, *args) = args. scope = Devise::Mapping.find_scope!(resource_or_scope) resource = args.last || resource_or_scope sign_in(scope, resource, ) redirect_to after_sign_in_path_for(resource) end |
#sign_out_and_redirect(resource_or_scope) ⇒ Object
Sign out a user and tries to redirect to the url specified by after_sign_out_path_for.
169 170 171 172 173 174 |
# File 'lib/devise/controllers/helpers.rb', line 169 def sign_out_and_redirect(resource_or_scope) scope = Devise::Mapping.find_scope!(resource_or_scope) redirect_path = after_sign_out_path_for(scope) Devise.sign_out_all_scopes ? sign_out : sign_out(scope) redirect_to redirect_path end |
#signed_in_root_path(resource_or_scope) ⇒ Object
The scope root url to be used when they’re signed in. By default, it first tries to find a resource_root_path, otherwise it uses the root_path.
103 104 105 106 107 108 109 110 111 112 113 |
# File 'lib/devise/controllers/helpers.rb', line 103 def signed_in_root_path(resource_or_scope) scope = Devise::Mapping.find_scope!(resource_or_scope) home_path = "#{scope}_root_path" if respond_to?(home_path, true) send(home_path) elsif respond_to?(:root_path) root_path else "/" end end |
#warden ⇒ Object
The main accessor for the warden proxy instance
72 73 74 |
# File 'lib/devise/controllers/helpers.rb', line 72 def warden request.env['warden'] end |