#210 Customizing Devise

All I can add to my earlier note is what JValim posted on twitter "It's awesome how @rbates addresses in Devise's screencasts all frequent doubts people usually have on the mailing list".

For me Railscasts has always been about learning new things, tips and tricks. But also extending knowledge, clarifying things being unclear and work as a resource when coding.
Plenty of times I've come back to the casts to be reminded of things I've forgot. It's a great resource after all :)

I'm working on a project that will require three diff permissions groups. It looks like the devise way of doing things will require three different models. This seems silly to me... Can somebody point me in the right direction? Should I dump devise for something like cancan? I was really hoping Ryan would cover roles/permissions today.. Thanks in advance. And thank you for the free casts Ryan!

Thanks Ryan. This is really helpful.

I had taken a look at devise before, but stumbled on the documentation. Your screencasts are just the catalyst I needed to get going.

I often find this is the case with your 'casts. They are a great way of getting "oriented" around some new features and/or gems. In that way, they are extremely successful for someone like myself who really needs some initial hand holding and visual reinforcement before gaining sufficient confidence to jump into the official documentation.

Nevermind! Looks like I can combine Devise and CanCan. Thanks again!

Does anybody have any examples on how to roll a replacement register controller for devise?

That is what is needed as I understand it to add a nested form in the view.

@Greg, as you probably realized, Devise is for authentication (user logins) and CanCan is for authorization (user permissions) - both can be used together and don't really overlap.

Devise does have the ability to make a separate model for each role, but I generally prefer to keep them all in the User model and handle roles through either booleans or an associated table. Here's an example.

http://wiki.github.com/ryanb/cancan/role-based-authorization

@Patrick, See the "Configuring Controllers" section in the Devise readme. If that doesn't work I encourage you to post on their mailing list.

http://groups.google.com/group/plataformatec-devise

That said, you may not need to change the controller in order to add nested form fields. See episodes #196 and #197 for an example.

@ Samir - Beggers can't be picky.
@Railscasts Fan +1

From cast 1 to now I have seen a lot of improvement in how the casts are organized and edited; however, they have also become increasingly obfuscated, must have cascaded from scaffolding.

Does removing the :registerable disable the sign up form? I was looking to only have the sign up for accessible to admins but I was just curious to any of you guys knew off the top of your head.

Hi all!
Based on this screeencast, a really noob/beginner/dumb question:
How would you make the "edit", "destroy" and "new project" link to only appear if the user is authenticated?
Big thx and btw, awesome screencasts!

yeee...nevermind, i found that there is a helper method to verify if the user is signed in, "user_signed_in?".

@Branden
Removing the :registerable even removes all routes related to registration. Thus, you are not able to access the sign up form.

"The customizations were so basic that it doesn't deserve a cast."

@Samir the screencast may be basic to you but as one of Devise's developers I have to completely disagree with the affirmation above in the general sense.

Things like customizing the username is one of the most asked things in the mailing list and Ryan Bates shows how it can be done better than anyone could describe in an e-mail in Devise's mailing list.

Rails engines are new and even the basic questions, adding links to the layout showed in the previous screencast were already asked in the mailing list. So a big +1 for Ryan's work!

Great railscast as always! As a beginner, they really make the learning curve more comfortable :)

Would love to see you make a cast about integrating Facebook Connect with Devise using devise_facebook_connectable. Somehow I can't figure out what I'm doing wrong. I've followed every step, but <%= facebook_link :user %> does not even work as intended. Anyone know of any tutorials other than the official one?

Ryan:

Seeing that I absolutely love your CanCan gem, how would you recommend going about using CanCan with Devise.

One big problem I'm having is having Devise redirect to a stored location after a user logs in.

I believe that Devise has built-in "stored_location" functionality, but I can't for the life of me figure out how to use it.

The "redirect_to_target_or_default" and "store_target_location" methods of the authlogic gem obviously don't work.

@Alexis

You may want to check out the method `after_sign_in_path_for` in the devise documentation.

http://rdoc.info/projects/plataformatec/devise

Hope this helps a little. :)

accepts_nested_attributes_for

How the hell do you do it with devise??

Great casts, thank you.

I have a question about testing and devise, do you have any links to help simulate a login in functional tests.

Anyone know how to change the email server settings in Devise?

Nevermind, I figured it out. It is just standard action mailer settings.

Thanks Ryan, the tutorial worked great, but I have a question.

How can I have an app so multiple users can login but have their own account. For instance, if a new user sings up, a new (blank) instance of my app will be displayed to him.
Can devise help me do that?

I know it's a newbie question but I'm just starting with rails... thanks.

thx for this tutorial!
But I would appreciate it if you make a cast for including a oauth login with devise (e.g. a twitter login)

thx!

Ryan, I got a problem. I configure devise for authenticating with a username. But I realize that the username is not unique and when you register a new user it lets you duplicate.

Any idea?

I have the same problem as Rolando. I made the username as unique but it displayed error on submitting the form. Anyway to handle this?

Hey Ryan,

<obligatory praise>Excellent work on the screencasts - I think it's fair to say I would have given up on RoR in the first few weeks if it wasn't for your selfless work. Keep it up!</obligatory praise>

My question relates to the registration process.

Would it be possible to have the user simply submit their e-mail address as a unique identifier, and then change the confirmation e-mail to take you to a page where you then set up your password, first name, last name etc?

It's a registration method that I've only seen implemented a couple of times, but seems to make much more sense to me, as it makes the signup process appear much simpler to the user.

I've looked up the documentation on :activatable, but it's pretty thin on the ground.

A simple yes/no answer would suffice, but if you could at least give me some pointers as to how to start implementing it, i'd be eternally grateful.

If you could do a whole screencast on it, I'll name my first born after you :)

I was hoping to see controller customization also, but otherwise I loved it. Thanks so much!

Good God! I just marked about 100 comments as spam! Seriously, at least 100.

Anyway, I'm finding Devise super frustrating as I want to tinker in the Controller with member and collection routes -- and I don't see a way to do it. If I could create my own User MVC and just add acts_as_devise in the model, then I'd be happy.

So, I'm throwing this out and going back to Authlogic. My User model isn't as trivial as it appears Devise is willing to accommodate (unless I'm missing something).

I just wanted to throw an opinion out there about the topic itself.

@Rolando, zul

add the validate to the user model
app/models/user.rb:

validates_uniqueness_of :username

Best Regards

A followup Devise customisation cast showing how to build your own custom authorisation strategy would be great.

I'd appreciate if you can connect devise to your episode #217 for the signup process.. i need it badly because i've spent much time trying to connect it together

Yeah, getting Twitter oauth working on Devise is becoming a total pain. Nothing I can find seems to work. Keeping my fingers crossed someone at least updates the documentation for something other than GitHub oauth.

I wanted to update my previous comment. I've had an opinion reversal on Devise. After using Devise on another project, I am starting to see the light.

Just add your own User routes, controller and views, then add whatever you need to the generated model. Everything seems to work great so far for me.

Also, in case you are having problems getting gmail to work... I mentioned this in another comment (different episode): use your whole email address for user_name in your action mailer config, e.g. :user_name => 'user@gmail.com' not just :user_name => 'user'. I hope that saves someone some time.

Awesome. But, how do I customize the register of a user? I mean, not only email and password, I'd want to provide state and city, for example. So I put some code in the registrations/new.html.erb and it's fine, however also it's nice to edit, so I put some code in the registrations/edit.html.erb, and it did not work.
http://pastebin.com/VBmCc7NG
error: undefined method `avatar' for :user:Symbol

Any help?

Ryan, thanks so much for your railscasts. They are very well structured along with sources and dependencies. I would drown in rails without those.

Hi Ryan,

nice again! One question: for me the title helper method does not work because it's not known (undefined method `title' for #<#<Class:0x000001036106d0>:0x000001037527c8>). In other (not Devise) views it works like a charm. Could that be because Devise is Rack-based? Did I something wrong?

Thanks i.a.,
Mark

Hello, I 'm creating FaceBook like application and everything is centered around Person model. Status, Posts, Comments, Emails, Education, Employments, etc, are referenced to a Person model. Now I'm have an Account model created via devise to handle authentication. I'm not so sure how should I link between Person and Account! Should I replace Person with Account model and make reference to all other models? But, then difficulty I'm having is that all the actions will be generated by a Person, not an Account. I really like to separate Peron and Account. Account is suppose to really meant for authentication purposes only. One thing I'm thinking is to create a record in Person model, whenever an Account is registered. But then how do I override devise controller to insert a record in Person model? Any advise is greatly appreciated how to handle this situation.

Best REgards,
AM.

Hi Ryan-

Question for you that I couldn't find anywhere else. What if we are using "member" instead of "user"? Is there a way to configure that? I am, getting an error when my ability.rb and devise are configured around "member"

Thanks

Tommy

Question u changed the login so you can use username can you do something like config.authentication_keys = [ :username, :email ]
so that you could enter username or email into the box?

rails g devise:views has to be used instead of rails generate devise_views which is not deprecated in current versions of Rails and Devise.

I need to do two things:
1) Sign in and Sign Up on the same page.

2) Any time devise want's to redirect to 'sign_in', it needs to go to the afformentioned dual sign in/sign up page.

Im really dis-enjoying the limitations of devise since it is written funny.

One thing you missed in this Tutorial is .
Adding :username in accessible mode in user.rb (user model)
other

Hi Ryan, and thanks fpr the nice 'cast. As I used it everything went well..

But now, I am writing a server API call for the iPhone that will allow a user to log in via their email and password and return the auth_token, in the event that it gets "lost" (ie. new iPhone, app gets un-installed, etc) so that the app can store it in the device for authentication, where we normally pass

www.mydomain.com?auth_token=blah-blah

for all of the authentications on the calls we make

In rails remote API call:

user = User.where(:email => data['email'], :password =>
data['password']).firstuser = User.where(:email =>
data['email'], :password => data['password']).first

I need to "intercept" the Devise hidden controllers to be able to post the remote login call to my server and RETURN the authentication_token as the API response so that it can then be stored in the mobile device and used for subsequent
calls.

Does anybody have any ideas how I might do this?

Thanks,

Bill

Hi,
This video is excellent. However I have a dumb question (a bit new to rails world). I am building a social network site. So I have 2 users User-1 and User-2, Now how do I stop/restrict User-1 from editing or accessing a User-2 Profile (even though User-1 is signed_in). Can you please help me on this. I do not want User-1 to have access to User-2 account. I can put a dirty code to do the checks inside the controller, but would like to know if Devise has any such pre-built functionality to restrict (just like if signed_in?)

Regards
Madhukar

Just as UP4B LLC mentioned, rails g devise_views is deprecated. It's now rails g devise:views.

Source: (https://github.com/plataformatec/devise/issues/634)

Just a quick note:

This was a very awesome tutorial, but I fumbled around a bit with adding in the username. It worked when I manually updated the db fron the console, but it didn't work when I tried to create a new account. Needed to add this to /models/users.rb:

# Setup accessible (or protected) attributes for your model
attr_accessible :email, :username, :password, :password_confirmation

For any rookies out there like me, don't forget to add :username to this line. :-)

Ryan Bates - You rock! Worked awesome locally and on Heroku.

A comprehensible video!

Hello Ryan,

When I do the steps I still get a email can't be blank error message. Im trying to log in by username instead of email.

There is need to revise this video, we now have rails g devise:views for rails 3

Nice

Use rails g devise:views to generate the views

Please check my gem https://github.com/igorkasyanchuk/any_login
It can really make your life easier with changing logged in user.
Your feedback is appreciated.
Video: https://www.youtube.com/watch?v=978DlHvufSY&feature=youtu.be
PS: this is my first solid gem :) and I hope you will like it.