Reputation: 805
devise_inviteable - issue with GET users/invitation/accept?invitation_token=xxxx re-directed to sign_up
ruby '2.1.2'
rails (4.1.4)
devise (3.2.4)
devise_invitable (1.3.6)
routes.rb
devise_for :users, :controllers => { invitations: 'users/invitations' }
users/invitations_controller.rb
class Users::InvitationsController < Devise::InvitationsController
prepend_before_filter :require_no_authentication, :only => [:edit, :update, :destroy]
# i dont need to override anything
end
rake routes
accept_user_invitation GET /users/invitation/accept(.:format) users/invitations#edit
remove_user_invitation GET /users/invitation/remove(.:format) users/invitations#destroy
user_invitation POST /users/invitation(.:format) users/invitations#create
new_user_invitation GET /users/invitation/new(.:format) users/invitations#new
PATCH /users/invitation(.:format) users/invitations#update
PUT /users/invitation(.:format) users/invitations#update
every part of the application needs to be authenticated - except the accept_user_invitation path
my application controller does have:
class ApplicationController < ActionController::Base
before_action :authenticate_user!
end
Not sure why this is not working - anyone care to help me understand what I am doing incorrectly ? Every time I go to the URL I am redirected to signup
Thanks in advance. I am almost ready to roll my own !
Upvotes: 2
Views: 1554
Answers (1)
Reputation: 805
I figured out why devise_invitable was re-directing and that was because the invitation_token was incorrect.
When overriding the default behaviour to send your own email
user = User.invite!(params) do |u|
u.skip_invitation = true
u.invitation_sent_at = Time.now
u.invited_by_id = 1
u.invited_by_type = 'User'
end
Looking at the code: https://github.com/scambra/devise_invitable/blob/master/lib/devise_invitable/model.rb#L200
There is a temporary raw_invitation_token which is the actual token needed for your url and invitation_token which is encrypted. I have to admit there was some confusion here!
In your url generation the token you must use is raw_invitation_token as devise_invitable will decrypt this token: https://github.com/scambra/devise_invitable/blob/master/lib/devise_invitable/model.rb#L277
When I send the email or generate the link this works:
# use the raw_invitation_token rather than invition_token
# when generating your links for the mailer
token = user.raw_invitation_token
puts "#{accept_user_invitation_url(::ActionMailer::Base.default_url_options.merge({:invitation_token => token})) }"
Use the user.raw_invitation_token for your urls and the process works as intended
I have requested that the documents be improved and added a pull request - hope this helps someone
Upvotes: 2
Related Questions
- Devise invitable change accept_invitation_url
- Log in user after accept invitation using rails with devise_invitable
- Devise invitation generate accept_invitation_url
- Devise Invitable showing accepted invites
- Rails: Change devise_invitable message - "The invitation token provided is not valid!"
- Rails 4 devise_invitable invitation token invalid
- Devise::InvitationsController reports Unpermitted parameters
- Devise invite code
- Devise asks for confirmation before accepting invitation
- How do I resolve "Invitation token can't be blank" for DeviseInvitable