before_filter with devise

ruby-on-rails ruby-on-rails-3 devise before-filter

15,847

Solution 1

I would write a custom before filter that uses user_signed_in?. This will just return a boolean, and not do any of the redirect-type actions that authenticate_user! does.

So, you could write a before filter like this:

before_filter :custom_user_auth
...
def custom_user_auth
    unless user_signed_in?
        # Do custom stuff, ultimately restricting access to the 
        # ...protected resource if it needs to be
    end
end

Do note that this before filter won't protect your resource from unauthorized users unless the inside area of that unless statement redirects or renders.

Solution 2

Instead of calling before_filter :authenticate_user! write your own function in your controller that calls authenticate_user!. Something like:

before_filter :logged_in

...

private
def logged_in
  your_function
  authenticate_user!
end

15,847

user730569

Updated on May 31, 2022

Comments

user730569 almost 2 years

I'm using Devise's built in before_filter :authenticate_user!. I want to call my own custom method in my application helper if a user fails the before filter (tries to do an action when logged out). How and where can I do this?
user730569 about 13 years

can I put the method in my application controller?
andrewmitchell about 13 years

If you plan to use the before filter in multiple controllers, each of which extend the ApplicationController, then I'd define the function there. However, I would definitely not put the before_filter line in the application controller, since you probably only want to use this in certain instances.