Reputation: 34093
How to redirect unauthorized
For certain actions, like "signing in" or "sign up", I want to redirect user if she's already logged in.
Hence, I've created a method in the ApplicationController:
def kick_outable?
if current_user
redirect_to signout_path and return
end
end
But appearantly I cannot use that method in actions where there already is a render or redirect_to in the action. From error message:
Please note that you may only call render OR redirect, and at most once per action.
So, how do I solve this? How do I redirect someone that tries to access an action that shouldn't be able to?
Upvotes: 2
Views: 1725
Answers (2)
Reputation: 8003
To add to Enrique's answer. The execution of a method in controller continues even after render or redirect statements. So having multiple of those does not work unless the execution is stopped after one of them via a return.
# This works because it stops execution after first redirect if not current_user
def index
unless current_user
redirect_to root_path and return
end
redirect_to user_path
end
# This does not work as execution continues after check_user method
def check_user
unless current_user
redirect_to root_path and return
end
end
def index
check_user
redirect_to user_path
end
Upvotes: 1
Reputation: 221
You can use that method as a before_filter (do not invoke that method in an action) and should work as you expects.
Upvotes: 2
Related Questions
- Rails: send a 401 error without rendering a page
- Redirect with status: 401 hangs on "You are being redirected." How do I force redirect?
- Respond with a status unauthorised (401) with Rails 4
- Redirect user to root after trying to access a page without being authenticated to do so in rails
- How do I redirect signed-in Users attempt to access User.new and User.create in Ruby?
- Rails 3 redirecting
- Redirect to sign-in page if not authorized in Rails
- Proper Redirect Inside Rails Application
- Redirect to login page in production on a Rails app
- Rails Security: redirect if not current_user