module Devise::Controllers::Helpers

These helpers are convenience methods added to ApplicationController.

Public Instance Methods

after_sign_in_path_for(resource_or_scope)

The default URL to be used after signing in. This is used by all Devise controllers, and you can override it in your ApplicationController to provide a custom hook for a custom resource.

By default, it first tries to find a valid resource_return_to key in the session, then falls back to resource_root_path, and otherwise uses the root path. For a user scope, you can define the default URL in the following way:

map.user_root '/users', :controller => 'users' # creates user_root_path

map.namespace :user do |user|
  user.root :controller => 'users' # creates user_root_path
end

If the resource root path is not defined, root_path is used. However, if this default is not enough, you can customize it, for example:

def after_sign_in_path_for(resource)
  stored_location_for(resource) ||
    if resource.is_a?(User) && resource.can_publish?
      publisher_url
    else
      super
    end
end
# File lib/devise/controllers/helpers.rb, line 218
def after_sign_in_path_for(resource_or_scope)
  stored_location_for(resource_or_scope) || signed_in_root_path(resource_or_scope)
end
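
An added example, not part of Devise or of this page: an override of after_sign_in_path_for that uses the stored location only when it is a local path, for applications that write the resource_return_to session key themselves. FakeController, ReturnToGuard, local_path? and the sample values are hypothetical stand-ins so the logic runs outside Rails, and the method takes the scope symbol directly.

```ruby
require "uri"

# Added example: plain-Ruby stand-ins so the override logic runs outside Rails.
# ReturnToGuard, FakeController and local_path? are hypothetical names.
module ReturnToGuard
  # True only for a same-site path such as "/reports?page=2".
  def local_path?(value)
    return false unless value.is_a?(String)
    return false unless value.start_with?("/")
    return false if value.start_with?("//") || value.include?("\\")
    return false if value.match?(/[\x00-\x1f\x7f]/) # no control characters
    uri = URI.parse(value)
    uri.scheme.nil? && uri.host.nil?
  rescue URI::InvalidURIError
    false
  end
end

class FakeController
  include ReturnToGuard
  attr_reader :session

  def initialize(session)
    @session = session
  end

  # Same behaviour as the helper documented on this page:
  # read and delete "#{scope}_return_to".
  def stored_location_for(scope)
    session.delete("#{scope}_return_to")
  end

  # Simplified stand-in for signed_in_root_path.
  def signed_in_root_path(_scope)
    "/"
  end

  # Override: use the stored location only when it is a local path.
  def after_sign_in_path_for(scope)
    candidate = stored_location_for(scope)
    local_path?(candidate) ? candidate : signed_in_root_path(scope)
  end
end
```

In a real ApplicationController only local_path? and the body of after_sign_in_path_for would be kept; the other methods already come from Devise.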
after_sign_out_path_for(resource_or_scope)

Method used by the sessions controller to sign out a user. You can override it in your ApplicationController to provide a custom hook for a custom scope. Note that, unlike after_sign_in_path_for, this method receives a symbol with the scope, and not the resource.

By default it is the root_path.

# File lib/devise/controllers/helpers.rb, line 228
def after_sign_out_path_for(resource_or_scope)
  respond_to?(:root_path) ? root_path : "/"
end
allow_params_authentication!()

Tell warden that params authentication is allowed for that specific page.

# File lib/devise/controllers/helpers.rb, line 84
def allow_params_authentication!
  request.env["devise.allow_params_authentication"] = true
end
devise_controller?()

Returns true if the current controller is a Devise controller, and false for every controller not defined inside Devise. Useful if you want to apply a before filter to all controllers except the ones in Devise:

before_filter :my_filter, :unless => :devise_controller?
# File lib/devise/controllers/helpers.rb, line 79
def devise_controller?
  is_a?(DeviseController)
end
expire_session_data_after_sign_in!()
# File lib/devise/controllers/helpers.rb, line 243
def expire_session_data_after_sign_in!
  session.keys.grep(/^devise\./).each { |k| session.delete(k) }
end
handle_unverified_request()

Overrides Rails' handle_unverified_request to sign out all scopes, clear run strategies and remove cached variables.

# File lib/devise/controllers/helpers.rb, line 258
def handle_unverified_request
  sign_out_all_scopes(false)
  request.env["devise.skip_storage"] = true
  expire_devise_cached_variables!
  super # call the default behaviour which resets the session
end
sign_in(resource_or_scope, *args)

Signs in a user that was already authenticated. This helper is useful for logging users in after sign up.

All options given to #sign_in are passed forward to the set_user method in warden. The only exception is the :bypass option, which bypasses warden callbacks and stores the user straight in the session. This option is useful when the user is already signed in, but we want to refresh the credentials in the session.

Examples:

sign_in :user, @user                      # sign_in(scope, resource)
sign_in @user                             # sign_in(resource)
sign_in @user, :event => :authentication  # sign_in(resource, options)
sign_in @user, :bypass => true            # sign_in(resource, options)
# File lib/devise/controllers/helpers.rb, line 111
def sign_in(resource_or_scope, *args)
  options  = args.extract_options!
  scope    = Devise::Mapping.find_scope!(resource_or_scope)
  resource = args.last || resource_or_scope

  expire_session_data_after_sign_in!

  if options[:bypass]
    warden.session_serializer.store(resource, scope)
  elsif warden.user(scope) == resource && !options.delete(:force)
    # Do nothing. User already signed in and we are not forcing it.
    true
  else
    warden.set_user(resource, options.merge!(:scope => scope))
  end
end
sign_in_and_redirect(resource_or_scope, *args)

Signs in a user and tries to redirect first to the stored location and then to the URL specified by after_sign_in_path_for. It accepts the same parameters as the #sign_in method.

# File lib/devise/controllers/helpers.rb, line 235
def sign_in_and_redirect(resource_or_scope, *args)
  options  = args.extract_options!
  scope    = Devise::Mapping.find_scope!(resource_or_scope)
  resource = args.last || resource_or_scope
  sign_in(scope, resource, options)
  redirect_to after_sign_in_path_for(resource)
end
sign_out(resource_or_scope=nil)

Signs out a given user or scope. This helper is useful for signing out a user after deleting accounts. Returns true if there was a logout and false if there is no user logged in on the referred scope.

Examples:

sign_out :user     # sign_out(scope)
sign_out @user     # sign_out(resource)
# File lib/devise/controllers/helpers.rb, line 137
def sign_out(resource_or_scope=nil)
  return sign_out_all_scopes unless resource_or_scope
  scope = Devise::Mapping.find_scope!(resource_or_scope)
  user = warden.user(:scope => scope, :run_callbacks => false) # If there is no user

  warden.raw_session.inspect # Without this inspect here. The session does not clear.
  warden.logout(scope)
  warden.clear_strategies_cache!(:scope => scope)
  instance_variable_set(:"@current_#{scope}", nil)

  !!user
end
sign_out_all_scopes(lock=true)

Sign out all active users or scopes. This helper is useful for signing out all roles in one click. This signs out ALL scopes in warden. Returns true if there was at least one logout and false if there was no user logged in on all scopes.

# File lib/devise/controllers/helpers.rb, line 153
def sign_out_all_scopes(lock=true)
  users = Devise.mappings.keys.map { |s| warden.user(:scope => s, :run_callbacks => false) }

  warden.raw_session.inspect
  warden.logout
  expire_devise_cached_variables!
  warden.clear_strategies_cache!
  warden.lock! if lock

  users.any?
end
sign_out_and_redirect(resource_or_scope)

Signs out a user and tries to redirect to the URL specified by after_sign_out_path_for.

# File lib/devise/controllers/helpers.rb, line 249
def sign_out_and_redirect(resource_or_scope)
  scope = Devise::Mapping.find_scope!(resource_or_scope)
  redirect_path = after_sign_out_path_for(scope)
  Devise.sign_out_all_scopes ? sign_out : sign_out(scope)
  redirect_to redirect_path
end
signed_in?(scope=nil)

Returns true if the given scope is signed in to the session. If no scope is given, returns true if any scope is signed in. Does not run authentication hooks.

# File lib/devise/controllers/helpers.rb, line 90
def signed_in?(scope=nil)
  [ scope || Devise.mappings.keys ].flatten.any? do |_scope|
    warden.authenticate?(:scope => _scope)
  end
end
signed_in_root_path(resource_or_scope)

The root URL for the scope, used once the resource is signed in. By default, it first tries to find a resource_root_path, otherwise it uses the root_path.

# File lib/devise/controllers/helpers.rb, line 179
def signed_in_root_path(resource_or_scope)
  scope = Devise::Mapping.find_scope!(resource_or_scope)
  home_path = "#{scope}_root_path"
  if respond_to?(home_path, true)
    send(home_path)
  elsif respond_to?(:root_path)
    root_path
  else
    "/"
  end
end
stored_location_for(resource_or_scope)

Returns and deletes the URL stored in the session for the given scope. Useful for redirecting back after sign up:

Example:

redirect_to stored_location_for(:user) || root_path
# File lib/devise/controllers/helpers.rb, line 172
def stored_location_for(resource_or_scope)
  scope = Devise::Mapping.find_scope!(resource_or_scope)
  session.delete("#{scope}_return_to")
end
warden()

The main accessor for the warden proxy instance

# File lib/devise/controllers/helpers.rb, line 70
def warden
  request.env['warden']
end