multiple devise model behaves differently #2190

Closed
jmaniv opened this Issue Dec 26, 2012 · 9 comments

Comments

Projects
None yet
3 participants

jmaniv commented Dec 26, 2012

I downloaded sample project from https://github.com/plataformatec/devise_example
I logged-in as admin and normal user in same browser. Again I tried to login to user sign_in page, devise restricting to login but it allows to login admin again(admin's sign_in page).
Same problem exists in my application also

jmaniv commented Dec 26, 2012

If I already signed-in with admin account then devise restricts admin sign-in page only when I plug-in :rememberable in my admin devise model.

Contributor

latortuga commented Jan 8, 2013

Is the behavior still there if you disable sign_out_all_scopes in config/initializers/devise.rb? I am having a hard time understanding exactly what the problem is so if you could type it out as steps, it would be helpful.

Owner

josevalim commented Jan 8, 2013

I have just tried this. I cannot access the sign in as admin page after i am signed in as admin. If you are signing out, please take a look at @latortuga suggestions above!

@josevalim josevalim closed this Jan 8, 2013

jmaniv commented Jan 31, 2013

@josevalim have you manually change the URL as localhost:3000/admin/sign_in. devise allow to render admin login form even signed in as admin.

Steps to reproduce:

  1. sign-in as User
  2. sign-in as admin
    (now you can have sign out link for both accounts)
  3. Now manually change the user's sign-in URL as localhost:3000/users/sign_in, devise will redirect to index page of home controller with flash message as "You are already signed in."

Problem:
4. Again change the admin's sign-in URL as localhost:3000/admin/sign_in, devise will render admin login form. But actually it should redirect with flash message.

@latortuga behavior still exists even disable sign_out_all_scopes.

latortuga added a commit to latortuga/devise that referenced this issue Jan 31, 2013

Add test for Issue #2190
Seems to be passing for me.
Contributor

latortuga commented Jan 31, 2013

@jmaniv I wrote a test trying to reproduce your issue and couldn't get it to work with the devise test app. Now this doesn't mean that your issue isn't real, merely that we haven't reproduced it yet. Do you think you could try to write a failing test for the example app (submit a Pull Request to it) that shows the behavior?

jmaniv commented Feb 1, 2013

@latortuga sorry i haven't tried with test case, I just test manually as I said above (refer my previous comment)
I have attached sample project https://github.com/jmaniv/multi_login_with_devise, can you please checkout and verify it?

Contributor

latortuga commented Feb 1, 2013

@josevalim I just realized that this bug report is for devise 1.4. What's the policy on updates to old versions? I can try to track this down (his example app does indeed exhibit the behavior he says) but I don't want to do it if the policy is not to push updates to the 1.4 series anymore.

Owner

josevalim commented Feb 1, 2013

We don't maintain old versions. Thanks @latortuga for the hard work!

@jmaniv that's the reason we ask in the CONTRIBUTING.md file to list the Rails, Devise and Warden versions when submitting a bug report. It saves everyone time.

josevalim added a commit that referenced this issue Feb 1, 2013

jmaniv commented Feb 2, 2013

I downloaded and tested the sample project from your official site and I have mentioned this url in my first post.
You have mentioned Rails and Devise version clearly on the README.md page of the project(This will install Rails 3, sqlite3-ruby gem and Devise 1.4.7).
Sorry for not declaring the versions. Since you have already declared these in the README.md page, so I left it out.

@latortuga Thanks for your good effort.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment