StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PODevise: Have multiple controllers handle user sessions
primarykey
Id
6143814
data
AcceptedAnswerId
0
AnswerCount
2
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2011-05-26T19:12:34.337
FavoriteCount
1
LastActivityDate
2013-12-18T23:18:02.663
LastEditDate
2011-05-26T20:14:16.150
LastEditorUserId
517886
OwnerUserId
517886
ParentId
0
PostTypeId
1
Score
7
ViewCount
2510
LastEditorDisplayName
text
Body
I am running devise 1.3.4 with rails 3.0.7. I have two ways users may sign in: using the web app, and using a mobile web app (via a JSON API call). The first way is handled perfectly by the default devise sessions controller. The API-call method of authentication needs to be in a controller that extends my <code>Api::BaseController</code>. So, I wrote this second controller like this: <pre><code>class Api::UserSessionsController < Api::BaseController … def create user = warden.authenticate(:scope => :user) if user sign_in(:user, user) else # Do some error handling end end end </code></pre> Attempts to login via this method fail due to the <code>valid_controller?</code> method in <code>Devise::Strategies::Authenticatable</code>. Because I have left the default controller (<code>devise/sessions</code>) as the mapped controller for users, it does not allow authentications from my custom controller. I would like to roll my custom functionality into my own subclass of <code>Devise::SessionsController</code>, but I need the API sessions controller to extend the <code>API::BaseController</code>, so I can't extend <code>Devise::SessionsController</code> as well. I don't want to place the working, default-behavior web-app authentication methods in the API controller, especially because this would require copying them from the devise controller. Any suggestions? Is there some config I'm missing that allows multiple controllers to handle sessions? the <code>valid_controller?</code> method does an <code>==</code> comparison, not <code>.include?</code>, so I don't see how that would work. UPDATE This is an awful temporary workaround. I don't like it, so I'm not posting it as an answer, but I thought it might offer food-for-thought to all you answerer-types: In the top of my create method, I could override what Devise expects to be the sessions controller. <pre><code>Devise.mappings[:user].controllers[:sessions] = params[:controller] </code></pre> This is working around Devise's intended functionality (requiring a single, specific controller to do session creation) so I don't want to keep it. I wonder if this constraint is a security measure or just a convention -- if it is for security, this is presumably quite bad.
Tags
<ruby-on-rails-3><authentication><devise><warden>
Title
Devise: Have multiple controllers handle user sessions
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USandrewmitchell
UserOwnerUserId
1. USandrewmitchell
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PODevise: Have multiple controllers handle user sessions
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 PODevise: Have multiple controllers handle user sessions
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 PODevise: Have multiple controllers handle user sessions
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.