CODEWITHSUNDEEP
rubyruby-on-rails-3authenticationdevise
Eric
Eric

Reputation: 429

Devise Authentication with Accounts and Users

I am working on implementing a top-level account that has many users.

I am working off the solution for this question: Use both Account and User tables with Devise

What works:

After user submits registration form (below) the user and account is created as desired.

What doesn't work:

The user is not being authenticated before the redirect_to accounts_path. In order to authenticate, the user must click login and enter the credentials they just signed up with. Instead I need the user to be authenticated before the redirect.

I've been working on this for a few hours, tried a few approaches, but nothing seems to work.

Could someone help me with the code to authenticate the user after the user/account is successfully created. THANKS!

Models

class Account < ActiveRecord::Base
  has_many :users, :inverse_of => :account, :dependent => :destroy
  accepts_nested_attributes_for :users
  attr_accessible :name, :users_attributes
end

class User < ActiveRecord::Base
  belongs_to :account, :inverse_of => :users
  validates :account, :presence => true
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable,
         :confirmable, :lockable, :timeoutable
  attr_accessible :email, :password, :password_confirmation, :remember_me
end

Routes

resources :accounts, :only => [:index, :new, :create, :destroy]
controllers/accounts_controller.rb

Controllers

class AccountsController < ApplicationController

  def new
    @account = Account.new
    @account.users.build # build a blank user or the child form won't display
  end

  def create
    @account = Account.new(params[:account])
    if @account.save
      flash[:success] = "Account created"
      redirect_to accounts_path
    else
      render 'new'
    end
  end

end

views/accounts/new.html.erb view

<h2>Create Account</h2>

<%= form_for(@account) do |f| %>
  <%= render 'shared/error_messages', :object => f.object %>
  <div class="field">
    <%= f.label :name %><br />
    <%= f.text_field :name %>
  </div>

  <%= f.fields_for :users do |user_form| %>
    <div class="field"><%= user_form.label :email %><br />
    <%= user_form.email_field :email %></div>
    <div class="field"><%= user_form.label :password %><br />
    <%= user_form.password_field :password %></div>
    <div class="field"><%= user_form.label :password_confirmation %><br />
    <%= user_form.password_field :password_confirmation %></div>
  <% end %>

  <div class="actions">
    <%= f.submit "Create account" %>
  </div>
<% end %>

Upvotes: 0

Views: 167

Answers (2)

maximus ツ
maximus ツ

Reputation: 8065

You need to add

  before_filter :authenticate_user!, :except => [:new,:create]

to accounts controller in order to provide authentication to rest of the actions

Upvotes: 1

Jon Cairns
Jon Cairns

Reputation: 11951

You need to manually sign the user in. In the accounts controller you need a sign_in(user), where user is the actual User model record that you want to sign in.

The problem with that is that you have a one account to many users relationship. Therefore, you'll need to get access to the single user somehow, e.g:

  def create
    @account = Account.new(params[:account])
    if @account.save
      sign_in(@account.users.first)
      flash[:success] = "Account created"
      redirect_to accounts_path
    else
      render 'new'
    end
  end

Upvotes: 1

Related Questions