Cannot properly check if user is signed in before_action sessions controller

[JoeWoodward]

https://github.com/plataformatec/devise/blob/master/app/controllers/devise/sessions_controller.rb#L3

  prepend_before_action :allow_params_authentication!, only: :create

This line above seems to authenticate a user not just allow authentication.

I'm using a before_action which checks if a user is signed in or not. Obviously a session create action should have no authenticated user before hand, however due to this method allow_params_authentication! I'm always being returned true before the action is run.

I've fixed it for now by skipping the before_action and including the call in the create action

skip_before_action :allow_params_authentication!, only: :create

def create
  allow_params_authentication!
  ...
end

However I think there may actually be a deeper issue. Is it a problem with the way current_user and user_signed_in? works?

[obie]

bump

[tegon]

I'm closing this issue because it has not had recent activity.
If you're still facing this on the latest version, please open a new one with all the information requested in the template.

Thank you!