What does sign_in of devise do
sign_in
is for when you already have a User
object that you created or loaded/authenticated yourself and thus want to store in the session as the authenticated user for the rest of the current as well as upcoming requests.
If you look at the source code for the default Devise SessionsController
you'll see that it also uses sign_in
to log in a user.
Devise is a layer over warden, so you might want to look at its documentation to understand this level of functionality. As the Devise documentation you quoted states, sign_in
just calls the set_user
method from warden. What Devise adds on top is a lot of convenience like the ability to work with multiple scopes and various warden authentication strategies.
Related videos on Youtube
Mritunjay Upadhyay
Updated on November 14, 2022Comments
-
Mritunjay Upadhyay over 1 year
I am making rails api authentication using devise but could not understand properly what sign_in of devise is doing for us.
I have session controller with create method for sign in a user.
def create user_email = params[:session][:email] user_password = params[:session][:password] user = user_email.present? && User.find_by(email: user_email) if user.valid_password?(user_password) sign_in user, store: false /* exactly this line */ render json: user, status: 200, location: [:api, user] else render json: { errors: "Invalid email or password" }, status: 422 end end
On rubydoc its description is written like this
Sign in a user that already was authenticated. This helper is useful for logging users in after sign up. All options given to sign_in is passed forward to the set_user method in warden.
But it is not clear to me. Thanks.
-
Mritunjay Upadhyay almost 7 yearswhat I understand here is sign_in store user object in session as authenticate user.
-
Mritunjay Upadhyay almost 7 yearsDoes sign_in method make current_user available in rails?
-
Mritunjay Upadhyay almost 7 yearswhat is significance of store: false here
-
Marcus Ilgner almost 7 yearsThe
current_user
helper accesses the stored user from warden, yes. Addingstore: false
will not store it in the session butcurrent_user
will still be available for the remainder of the request.