Skip to content

devise after_sign_in_path #1724

Closed
wenzowski opened this Issue Jun 3, 2012 · 4 comments

2 participants

@wenzowski

By my reading of the Devise docs, session[:refinery_user_return_to] should be the resource_return_to key in the session.

By this logic, I should be able to add the following snippet to a controller, and have a successful auth redirect to the correct method on the controller on successful auth.

after_filter :redirect_back_after_authentication

def redirect_back_after_authentication
  session[:refinery_user_return_to] = request.fullpath
end

I'm most likely doing something silly.

But I don't get what's going on with the refinery after_sign_in_path, as compared to the devise default.

I'm probably stuck because I don't understand how it is supporting "extension namespace isolation".

Much obliged,
Alex

@parndt
Refinery member
parndt commented Jun 3, 2012

This could be related to #1561

It looks like we're forcing a redirect to either the home path or the admin root path thus foiling any efforts to do anything else -- is that what you're seeing too @wenzowski ?

@wenzowski

I agree this does appear to be related.

@wenzowski wenzowski added a commit to wenzowski/refinerycms that referenced this issue Jun 4, 2012
@wenzowski wenzowski authentication redirection improvement #1724
- add tests for #1561 behaviour
- use unscoped session key to enable store_location to be used for login #1724
47dde82
@wenzowski

I've split the patch into two:

The bugfix should mean:

  • if an unauthenticated user accesses a controller action that has a before_filter :authenticate_#{scope}!
  • then the user will be redirect back to that controller action after a successful auth.

The feature:

Added session key check for unscoped return_to variable so that the key set by
Refinery::Admin::BaseController#store_location? is respected after successful auth.

An effect of this feature would be adding an after_filter :store_location to a controller method would return the user to this location after successful auth, even if this controller method is not authenticated by devise.

This sounds like desirable functionality to me. Your thoughts?

@parndt
Refinery member
parndt commented Jun 5, 2012

I've merged this into 2-0-stable and master 3e95485

@parndt parndt closed this Jun 5, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.