如何在 Devise 中注册后禁用自动登录
how to disable automatic sign-in after sign-up in Devise
我已经为此苦苦挣扎了几个小时。我在网上看了很多解决方案,但 none 似乎对我有用。
我有一个 class,管理员,用于注册用户。用户不能自己注册。但是,在管理员创建用户后,Devise 会自动为该用户创建会话,有效地让用户和管理员同时登录!
我尝试过以下解决方案:
Rails Devise prevent login immediately after Signup without using Confirmable
Override devise registrations controller
然而,它们并没有什么不同
这是rake routes
的相关部分
new_user_session GET /users/sign_in(.:format) devise/sessions#new
user_session POST /users/sign_in(.:format) devise/sessions#create
destroy_user_session DELETE /users/sign_out(.:format) devise/sessions#destroy
user_password POST /users/password(.:format) devise/passwords#create
new_user_password GET /users/password/new(.:format) devise/passwords#new
edit_user_password GET /users/password/edit(.:format) devise/passwords#edit
PATCH /users/password(.:format) devise/passwords#update
PUT /users/password(.:format) devise/passwords#update
cancel_user_registration GET /users/cancel(.:format) devise/registrations#cancel
user_registration POST /users(.:format) devise/registrations#create
new_user_registration GET /users/sign_up(.:format) devise/registrations#new
edit_user_registration GET /users/edit(.:format) devise/registrations#edit
PATCH /users(.:format) devise/registrations#update
PUT /users(.:format) devise/registrations#update
DELETE /users(.:format) devise/registrations#destroy
users GET /users(.:format) users#index
POST /users(.:format) users#create
new_user GET /users/new(.:format) users#new
edit_user GET /users/:id/edit(.:format) users#edit
user GET /users/:id(.:format) users#show
PATCH /users/:id(.:format) users#update
PUT /users/:id(.:format) users#update
DELETE /users/:id(.:format) users#destroy
在这种情况下使用 Devise 注册功能毫无意义。 Devise registrations 是一个现成的解决方案,用于提供最终用户注册,这与您想要的非常不同。
相反,合乎逻辑的解决方案是仅使用普通控制器操作。
# config/routes.rb
resources :users
class UsersController < ApplicationController
before_action :authenticate_user!
def new
@user = User.new
end
def create
@user = User.new(user_params)
if @user.save
redirect_to @user, notice: 'User created successfully.'
else
render :new
end
end
def user_params
params.require(:user).permit(:email, :password, :password_confirmation)
end
end
管理员将通过 /users/new 创建用户。
已添加
由 devise_for :users 创建的路由比通向 UsersController#create 的路由具有更高的优先级。
user_registration POST /users(.:format) devise/registrations#create
这是因为路由按照它们定义的顺序具有优先级。
基本修复是:
Rails.application.routes.draw do
# Recreatetes the Devise registrations routes
# They act on a singular user (the signed in user)
# "as: :user_registration" gives us the same named routes as devise_for
resource :users,
only: [:edit, :update, :delete],
controller: 'devise/registrations',
as: :user_registration do
get 'cancel'
end
devise_for :users, skip: [:registrations]
resources :users # creates the "normal" CRUD routes for users
end
我已经为此苦苦挣扎了几个小时。我在网上看了很多解决方案,但 none 似乎对我有用。
我有一个 class,管理员,用于注册用户。用户不能自己注册。但是,在管理员创建用户后,Devise 会自动为该用户创建会话,有效地让用户和管理员同时登录!
我尝试过以下解决方案: Rails Devise prevent login immediately after Signup without using Confirmable Override devise registrations controller
然而,它们并没有什么不同
这是rake routes
new_user_session GET /users/sign_in(.:format) devise/sessions#new
user_session POST /users/sign_in(.:format) devise/sessions#create
destroy_user_session DELETE /users/sign_out(.:format) devise/sessions#destroy
user_password POST /users/password(.:format) devise/passwords#create
new_user_password GET /users/password/new(.:format) devise/passwords#new
edit_user_password GET /users/password/edit(.:format) devise/passwords#edit
PATCH /users/password(.:format) devise/passwords#update
PUT /users/password(.:format) devise/passwords#update
cancel_user_registration GET /users/cancel(.:format) devise/registrations#cancel
user_registration POST /users(.:format) devise/registrations#create
new_user_registration GET /users/sign_up(.:format) devise/registrations#new
edit_user_registration GET /users/edit(.:format) devise/registrations#edit
PATCH /users(.:format) devise/registrations#update
PUT /users(.:format) devise/registrations#update
DELETE /users(.:format) devise/registrations#destroy
users GET /users(.:format) users#index
POST /users(.:format) users#create
new_user GET /users/new(.:format) users#new
edit_user GET /users/:id/edit(.:format) users#edit
user GET /users/:id(.:format) users#show
PATCH /users/:id(.:format) users#update
PUT /users/:id(.:format) users#update
DELETE /users/:id(.:format) users#destroy
在这种情况下使用 Devise 注册功能毫无意义。 Devise registrations 是一个现成的解决方案,用于提供最终用户注册,这与您想要的非常不同。
相反,合乎逻辑的解决方案是仅使用普通控制器操作。
# config/routes.rb
resources :users
class UsersController < ApplicationController
before_action :authenticate_user!
def new
@user = User.new
end
def create
@user = User.new(user_params)
if @user.save
redirect_to @user, notice: 'User created successfully.'
else
render :new
end
end
def user_params
params.require(:user).permit(:email, :password, :password_confirmation)
end
end
管理员将通过 /users/new 创建用户。
已添加
由 devise_for :users 创建的路由比通向 UsersController#create 的路由具有更高的优先级。
user_registration POST /users(.:format) devise/registrations#create
这是因为路由按照它们定义的顺序具有优先级。
基本修复是:
Rails.application.routes.draw do
# Recreatetes the Devise registrations routes
# They act on a singular user (the signed in user)
# "as: :user_registration" gives us the same named routes as devise_for
resource :users,
only: [:edit, :update, :delete],
controller: 'devise/registrations',
as: :user_registration do
get 'cancel'
end
devise_for :users, skip: [:registrations]
resources :users # creates the "normal" CRUD routes for users
end