Module: Devise::Controllers::Helpers

Extended by:
ActiveSupport::Concern
Includes:
SignInOut, StoreLocation
Defined in:
lib/devise/controllers/helpers.rb

Overview

Those helpers are convenience methods added to ApplicationController.

Defined Under Namespace

Modules: ClassMethods

Class Method Summary (collapse)

Instance Method Summary (collapse)

Methods included from StoreLocation

#store_location_for, #stored_location_for

Methods included from SignInOut

#sign_in, #sign_out, #sign_out_all_scopes, #signed_in?

Class Method Details

+ (Object) define_helpers(mapping)

Define authentication filters and accessor helpers based on mappings. These filters should be used inside the controllers as before_filters, so you can control the scope of the user who should be signed in to access that specific controller/action. Example:

Roles:
  User
  Admin

Generated methods:
  authenticate_user!  # Signs user in or redirect
  authenticate_admin! # Signs admin in or redirect
  user_signed_in?     # Checks whether there is a user signed in or not
  admin_signed_in?    # Checks whether there is an admin signed in or not
  current_user        # Current signed in user
  current_admin       # Current signed in admin
  user_session        # Session data available only to the user scope
  admin_session       # Session data available only to the admin scope

Use:
  before_filter :authenticate_user!  # Tell devise to use :user map
  before_filter :authenticate_admin! # Tell devise to use :admin map


44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
# File 'lib/devise/controllers/helpers.rb', line 44

def self.define_helpers(mapping) #:nodoc:
  mapping = mapping.name

  class_eval <<-METHODS, __FILE__, __LINE__ + 1
    def authenticate_#{mapping}!(opts={})
      opts[:scope] = :#{mapping}
      warden.authenticate!(opts) if !devise_controller? || opts.delete(:force)
    end

    def #{mapping}_signed_in?
      !!current_#{mapping}
    end

    def current_#{mapping}
      @current_#{mapping} ||= warden.authenticate(scope: :#{mapping})
    end

    def #{mapping}_session
      current_#{mapping} && warden.session(:#{mapping})
    end
  METHODS

  ActiveSupport.on_load(:action_controller) do
    helper_method "current_#{mapping}", "#{mapping}_signed_in?", "#{mapping}_session"
  end
end

Instance Method Details

- (Object) after_sign_in_path_for(resource_or_scope)

The default url to be used after signing in. This is used by all Devise controllers and you can overwrite it in your ApplicationController to provide a custom hook for a custom resource.

By default, it first tries to find a valid resource_return_to key in the session, then it fallbacks to resource_root_path, otherwise it uses the root path. For a user scope, you can define the default url in the following way:

map.user_root '/users', controller: 'users' # creates user_root_path

map.namespace :user do |user|
  user.root controller: 'users' # creates user_root_path
end

If the resource root path is not defined, root_path is used. However, if this default is not enough, you can customize it, for example:

def (resource)
  stored_location_for(resource) ||
    if resource.is_a?(User) && resource.can_publish?
      publisher_url
    else
      super
    end
end


142
143
144
# File 'lib/devise/controllers/helpers.rb', line 142

def (resource_or_scope)
  stored_location_for(resource_or_scope) || signed_in_root_path(resource_or_scope)
end

- (Object) after_sign_out_path_for(resource_or_scope)

Method used by sessions controller to sign out a user. You can overwrite it in your ApplicationController to provide a custom hook for a custom scope. Notice that differently from after_sign_in_path_for this method receives a symbol with the scope, and not the resource.

By default it is the root_path.



152
153
154
# File 'lib/devise/controllers/helpers.rb', line 152

def after_sign_out_path_for(resource_or_scope)
  respond_to?(:root_path) ? root_path : "/"
end

- (Object) allow_params_authentication!

Tell warden that params authentication is allowed for that specific page.



97
98
99
# File 'lib/devise/controllers/helpers.rb', line 97

def allow_params_authentication!
  request.env["devise.allow_params_authentication"] = true
end

- (Boolean) devise_controller?

Return true if it's a devise_controller. false to all controllers unless the controllers defined inside devise. Useful if you want to apply a before filter to all controllers, except the ones in devise:

before_filter :my_filter, unless: :devise_controller?

Returns:

  • (Boolean)


81
82
83
# File 'lib/devise/controllers/helpers.rb', line 81

def devise_controller?
  is_a?(::DeviseController)
end

- (Object) devise_parameter_sanitizer

Setup a param sanitizer to filter parameters using strong_parameters. See lib/devise/parameter_sanitizer.rb for more info. Override this method in your application controller to use your own parameter sanitizer.



88
89
90
91
92
93
94
# File 'lib/devise/controllers/helpers.rb', line 88

def devise_parameter_sanitizer
  @devise_parameter_sanitizer ||= if defined?(ActionController::StrongParameters)
    Devise::ParameterSanitizer.new(resource_class, resource_name, params)
  else
    Devise::BaseSanitizer.new(resource_class, resource_name, params)
  end
end

- (Object) handle_unverified_request

Overwrite Rails' handle unverified request to sign out all scopes, clear run strategies and remove cached variables.



178
179
180
181
182
# File 'lib/devise/controllers/helpers.rb', line 178

def handle_unverified_request
  super # call the default behaviour which resets/nullifies/raises
  request.env["devise.skip_storage"] = true
  sign_out_all_scopes(false)
end

- (Boolean) is_flashing_format?

Check if flash messages should be emitted. Default is to do it on navigational formats

Returns:

  • (Boolean)


194
195
196
# File 'lib/devise/controllers/helpers.rb', line 194

def is_flashing_format?
  is_navigational_format?
end

- (Boolean) is_navigational_format?

Returns:

  • (Boolean)


188
189
190
# File 'lib/devise/controllers/helpers.rb', line 188

def is_navigational_format?
  Devise.navigational_formats.include?(request_format)
end

- (Object) request_format



184
185
186
# File 'lib/devise/controllers/helpers.rb', line 184

def request_format
  @request_format ||= request.format.try(:ref)
end

- (Object) sign_in_and_redirect(resource_or_scope, *args)

Sign in a user and tries to redirect first to the stored location and then to the url specified by after_sign_in_path_for. It accepts the same parameters as the sign_in method.



159
160
161
162
163
164
165
# File 'lib/devise/controllers/helpers.rb', line 159

def (resource_or_scope, *args)
  options  = args.extract_options!
  scope    = Devise::Mapping.find_scope!(resource_or_scope)
  resource = args.last || resource_or_scope
  (scope, resource, options)
  redirect_to (resource)
end

- (Object) sign_out_and_redirect(resource_or_scope)

Sign out a user and tries to redirect to the url specified by after_sign_out_path_for.



169
170
171
172
173
174
# File 'lib/devise/controllers/helpers.rb', line 169

def sign_out_and_redirect(resource_or_scope)
  scope = Devise::Mapping.find_scope!(resource_or_scope)
  redirect_path = after_sign_out_path_for(scope)
  Devise.sign_out_all_scopes ? sign_out : sign_out(scope)
  redirect_to redirect_path
end

- (Object) signed_in_root_path(resource_or_scope)

The scope root url to be used when they're signed in. By default, it first tries to find a resource_root_path, otherwise it uses the root_path.



103
104
105
106
107
108
109
110
111
112
113
# File 'lib/devise/controllers/helpers.rb', line 103

def signed_in_root_path(resource_or_scope)
  scope = Devise::Mapping.find_scope!(resource_or_scope)
  home_path = "#{scope}_root_path"
  if respond_to?(home_path, true)
    send(home_path)
  elsif respond_to?(:root_path)
    root_path
  else
    "/"
  end
end

- (Object) warden

The main accessor for the warden proxy instance



72
73
74
# File 'lib/devise/controllers/helpers.rb', line 72

def warden
  request.env['warden']
end