I am using Devise in a project and have followed the steps to get started with Devise being used in my app.
I have also generated Devise views to support registration for my user model. How can I make the backend registration of the user to be integrated with the view?
I read this link
https://github.com/plataformatec/devise/wiki/How-To:-Change-Default-Sign_up---Registration-Path-with-Custom-Path
and it suggests devise/sessions#new for both sign in and registration.
Is that an example ? How can I add actions that would enable validation of the fields ? How can I add a successful registration to my database ?
Currently the Signup button redirects and loops me to the same page with login buttons.
What action should I edit in my user controller? Or should I override devise registration controller ?
Any inputs would be helpful.
Coming to adding a successful user registration to the database devise should be able to do that automatically if you have set it up correctly. Only thing is that you have to try various options in routes file to set up the flow that you want. To add validation to fields you can make use of the rails helper method 'validates'.
Related
I created a registration form using make:auth in laravel and I made some changes to it like below:
I want to create three separate registration forms(each form has slightly different inputs) such as normal user, special user, super user for example. So that any user can select the registration category they want. I read about spatie in laravel but I am only looking to a way to be able for user to choose the registration form and it changes accordingly on the same page.
Is there a way to do this?
I'm working on adding Google 2FA to my Laravel 5.5 app that is using the Laravel generated authentication methods.
I have the 2FA portions figured out, but I cannot for the life of me find where to inject the code to add the 2FA check to the login process.
I have already modified the form to show the 2FA field on the login form, but where do I put that check? I see the options to add it as middleware and apply that to certain pages, but I don't want to require 2FA on multiple pages, just on login.
I did finally find the controller file that handles authentication (vendor\laravel\framework\src\Illuminate\Foundation\Auth\AuthenticatesUsers.php), but I don't see anywhere in there that I could add the 2FA check (obviously I would overwrite the method in my own file, not modify the vendor file).
Any help would be greatly appreciated.
I have an app that uses devise for sign up and login. I'm trying to create the edit account page.
I was wondering if I can update the user information without using devise elements whatsoever, and I want to edit the controller for User.
If you don't want to use actions provided by devise, you can generate your own standard controller and implement edit action.
rails g controller Users edit
If you want to customize devise edit profile controller, then look at https://github.com/plataformatec/devise#configuring-controllers this link, it tells how to customize views and controllers.
I have the following relationship
User --> has_many: Articles
Article --> belongs_to: User
I need to create a public (not restricted) page to Publish an Article (with Title & Description), in the same page I need to add the SignIn / SignUp form (with the possibility to switch bitween the SignIn and SignUp with ajax).
After click to the Publish "Button", the behaviour is quite the same for SignIn and SignUp:
SignUp, the Article will be inserted as "Draft", and we will send an email to inform
SignIn, the Article will be inserted as "Draft", and we will send an email to complete the registration form
Which is the best approach?
Regards
See this thread:
How to add callback after registration with Rails3 and Devise
The key is, don't look to Devise, use callbacks on your model(s) and Rails nested forms for sending the data.
Also note, the authentication layer for Devise is Warden, which does have callbacks for sign in/out.
The question is too generic for this format. But here is what I can suggest. Check out a few railscasts. Start with this as I think it is closest to what you are looking at for front-end:
http://railscasts.com/episodes/196-nested-model-form-part-1
I have a site with a page that contains some tabs and when selecting one, its content is retrieved from the server using an AJAX call. Every tab is loaded through a different controller. For example, I have a Customer page which contains Products and Clients tabs.
The site has different types of users with different permission levels.
What I want to do is to protect the controllers, and show the content of the tabs only if the logged in user has permission. So if a user without permission enters the url of the controller, it should redirect to the login page. The url is like this:
http://localhost/MyApp/Products/1
where 1 is the database ID of the product.
I can implement these 2 solutions but none of them is optimal:
Use the ChildOnlyAction attribute. I would mark the actions of the Product controller with this attribute and render the tabs from the main view using RenderAction. But it would mean that all the tabs on the page would have to be rendered, which is not optimal because I only want to load the data when the user clicks on the tab.
On every request to the Product controller, I would make a database query using the ID of the record to check if the user has permission to access it. But this means that for every request I would have to run an extra query.
I'm wondering if there is a better approach to this.
Similar to what Romias has suggested. You can combine the Authorize meta-attribute with a custom IAuthorizationFilter filter.
When you implement the Authorize meta-attribute you specify a list of users or roles that should have permission to that action. This lacks the ability to use a database to specify which ID's a user should have access to.
It is this ID-to-User mapping where the IAuthorizationFilter comes in to play. In the filter you can check the current user against the database.
A sample IAuthorizationFilter and its usage can be found on the following page:
http://geekswithblogs.net/brians/archive/2010/07/08/implementing-a-custom-asp.net-mvc-authorization-filter.aspx
Have you tried using Authorize filter to decorate the controllers you want to protect?
[Authorize(Roles = "UserType1")]
You could also extend the Authorize filter to add your own logic.
Here you can see an example of extending Authorize filter: https://stackoverflow.com/a/428266/7720