Devise - Authenticate user (after validations) on a create action?

Up vote 0 down vote favorite share g+ share fb share tw.

Using Devise, I know how to protect controller actions from non-signed-in users through: before_filter :authenticate_user! In order to illustrate what I am trying to achieve, please see an example: I have the following controller: (a project belongs to a user) projects_controller. Rb def create @project = current_user.projects.

New(params:project) if @project. Save redirect_to @project else render :action => 'new' end end What I am looking for is a way that users can interact more with the website before having to sign up/sign in. Something like: after_validation :authenticate_user!

If the user is not signed in, and redirect him after success (sign up/sign in) to the "project" show page. Things I thought: 1. ) Change the controller in order to accept a project object without user_id, ask for authentication if the user is not signed in, then update attributes with the user_id I try to do it like this first and it results to a very ugly code.

(Moreover authenticate_user! Doesn't redirect to the @project which lead to more customization) 2. ) Create a wizard with nested_attributes (project form and nested new registration form and session form) 3.

) Something better? (a custom method? ) It seems authologic manages this more easily.

I'm not sure it is a reason to switch so I would like to have your idea/answer on this. Thanks! EDIT references: Peter Ehrlich answer comment CONTROLLER WITH VALIDATIONS LOGIC projects_controller.

Rb def create unless current_user @project = Project. New(params:project) # create a project variable used only for testing validation (this variable will change in resume project method just before being saved) if @project. Valid?

# test if validations pass session'new_project' = params:project redirect_to '/users/sign_up' else render :action => 'new' end else @project = current_user.projects. New(params:project) if @project. Save redirect_to @project else render :action => 'new' end end end def resume_project @project = current_user.projects.

New(session. Delete('new_project')) # changes the @project variable @project. Save redirect_to @project end routes get "/resume_project", :controller => 'projects', :action => 'resume_project' application_controller.

Rb class ApplicationController.

Something like this should work: def create unless current_user session'new_project' = params:project redirect_to '/register' return end # and on to normal stuff # in your devise controller def after_sign_in_path return '/resume_project' if session'new_project'. Present? Super end # back in projects_controller now def resume_project @project.

Create(session. Delete('new_project')) # you know the drill from here # I'd also put in a check to make an error if the session is not set- in case they reload or some such Keep in mind that session is a cookie in the browser, and thus has a size limit (4kb). If you're posting images or other media, you'll have to store them temporarily server-side.

Another option would be to create a userless project, and use a similar technique to allow them to claim it as their own. This would be nice if you wanted unclaimed projects displayed to all to be available as a flow.

Thanks it seems to work great! I've just 2 more things to clarify. I've updated my question with the code adding some validations logic in the controller.

I would be pleased to know if you would manage it like this. Moreover, it seems I would have attachement (>4kb) in the form. Do you have some resources to understand how I can store these without session?

Many thanks! – benoitr Dec 24 '11 at 7:07 1 You could use a database (api.rubyonrails.org/classes/ActiveRecord...) or something like redis (github.com/mattmatt/redis-session-store) to store session data, instead of cookies. – rkb Dec 24 '11 at 7:30 code looks nice.

I would move the case of failed validation up, to avoid repeating the render action: 'new'. For the routes you can use a shorthand "projects#resume_project". Session store would work fine, although I've never used it.

It fell out of favor because its not as zippy as a cookie store, although I doubt that matters here. An alternative would be to make your own db session store - holding tables w/ session id and attachment. But then you'd have to manage, maintain, clean, blah, blah, blah.. – Peter Ehrlich Dec 24 '11 at 16:51.

I haven't tested it out, but it should be possible to store the action the user was going to, I.e. Create, with the params hash that was submitted and redirect to it upon successful login. It would then handle the error cases as normal.

Have you tried that?

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.