Devise
Last updated
Last updated
Devise is one of the most popular gems for authentication. Find out more about Devise .
In order to integrate it fully in Matestack apps and pages we need to adjust a few things. This guide explains what exactly needs to be adjusted.
We can access devise helper methods inside our controllers, apps, pages and components like we would normally do. In case of our user model this means we could access current_user
or user_signed_in?
in apps, pages and components.
For example:
In our controller we also use devise like it is described by devise documentation. For example checking a user is authenticated before he can access a specific controller by calling authenticate_user!
in a before action.
Using the default devise sign in views should work without a problem, but you can't use Matestack's features on the. If we want to take advantage of them, you can setup the views like shown below:
First we create a custom sign in page containing a form with email and password inputs.
app/matestack/sessions/sign_in.rb
and a minimal layout:
app/matestack/sessions/layout.rb
This page displays a form with an email and password input. The default required parameters for a devise sign in. It also contains a toggle
component which gets shown when the event sign_in_failure
is emitted. This event gets emitted in case our form submit was unsuccessful as we specified it in our form_config
hash. If the form is successful our app will make a transition to the page the server would redirect to.
In order to render our sign in page when someone tries to access a route which needs authentication or visits the sign in page we must override devise session controller in order to render our page. We do this by configuring our routes to use a custom controller.
app/config/routes.rb
Override the new
action in order to render our sign in page and set the correct Matestack app in the controller.
app/controllers/users/sessions_controller.rb
Notice the method: :get
in the configuration hash. We use a http GET request to sign out, because the browser will follow the redirect send from devise session controller and then Matestack tries to load the page where we have been redirected to. When we would use a DELETE request the action we would be redirected to from the browser will be also requested with a http DELETE request, which will result in a rails routing error. Therefore we use GET and need to configure devise accordingly by changing the sign_out_via
configuration parameter.
config/initializers/devise.rb
Creating a sign out button in Matestack is very straight forward. We use matestacks to create a sign out button. See the example below: