Sha256: b02cc74f390bc8432b533d2bf95031d8a2d3cbbf51c647a77d501b9e22055708
Contents?: true
Size: 1.32 KB
Versions: 4
Compression:
Stored size: 1.32 KB
Contents
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_filter :configure_permitted_parameters, if: :devise_controller?
before_filter :reject_locked!, if: :devise_controller?
# Devise permitted params
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(
:username,
:email,
:password,
:password_confirmation)
}
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(
:username,
:email,
:password,
:password_confirmation,
:current_password
)
}
end
# Redirects on successful sign in
def after_sign_in_path_for(resource)
inside_path
end
# Auto-sign out locked users
def reject_locked!
if current_user && current_user.locked?
sign_out current_user
user_session = nil
current_user = nil
flash[:alert] = "Your account is locked."
flash[:notice] = nil
redirect_to root_url
end
end
helper_method :reject_locked!
# Only permits admin users
def require_admin!
authenticate_user!
if current_user && !current_user.admin?
redirect_to root_path
end
end
helper_method :require_admin!
end
Version data entries
4 entries across 4 versions & 3 rubygems