Reputation: 2643
Devise before_filter authenticate_admin?
I added an admin role to Devise by adding a admin attribute.
Could you tell me if this is the right way to create a before_filter that requires an admin user to be signed:
in any controller:
before_filter :authenticate_admin!
in application_controller
protected
unless current_user.try(:admin?)
redirect_to :new_user_session_path
end
Upvotes: 12
Views: 16318
Answers (2)
Reputation: 3818
Go with this approach
before_filter :authenticate_user!
before_filter do
redirect_to new_user_session_path unless current_user && current_user.admin?
end
This also ensures any guests are forced to sign in as well. You don't need to modify the default method to force authentication just to access the instance method admin?
def admin?
self.admin == true
end
My approach is to create a role attribute and check its string value against a set of intended roles - it's far more flexible this way rather than having to create many boolean attributes.
Upvotes: 25
Reputation: 191
Looking at the answer above (by Michael De Silva), I had an issue with the code he used. He wrote the path as a symbol (:new_user_session_path), but I needed it to be a regular path helper (new_user_session_path). Until I changed this, I was getting errors, saying the path was invalid. (I am running Rails 5.)
Hope this is helpful to others!
Upvotes: 1
Related Questions
- Redirect Devise before_filter :authenticate_user to sign in path
- Rails: before_action :authenticate_admin! doesn't work
- Rails devise check for authenticate user without filter
- User Controller not correctly applying devise's before_filter authenticate_user
- before_filter require_login creates an infinite loop
- How to skip before_filter :authenticate_user! if current_admin_user?
- Using before_filter to check that an admin or a user is signed in
- Devise before_filter authenticate not working
- How to add authentication before filter to a rails 3 apps with devise for user sign up and sign in?
- Devise before_authenticate?