如何将Devise路径限制为仅限新的/销毁会话& OmniAuth路线?

时间:2015-02-15 18:01:49

标签: ruby-on-rails-4 devise

我使用Devise / OmniAuth(使用Facebook登录),我试图将Devise路线限制为只是这个,因为我只想允许通过Facebook登录

                  Prefix Verb     URI Pattern                            Controller#Action
        new_user_session GET      /users/sign_in(.:format)               devise/sessions#new
    destroy_user_session DELETE   /users/sign_out(.:format)              devise/sessions#destroy
 user_omniauth_authorize GET|POST /users/auth/:provider(.:format)        callbacks#passthru {:provider=>/facebook/}
  user_omniauth_callback GET|POST /users/auth/:action/callback(.:format) callbacks#:action

但相反,我似乎无法将这些路线缩减至低于此值的任何路线(不会同时吹走new_user_sessiondestroy_user_session):

                  Prefix Verb     URI Pattern                            Controller#Action
        new_user_session GET      /users/sign_in(.:format)               devise/sessions#new
            user_session POST     /users/sign_in(.:format)               devise/sessions#create
    destroy_user_session DELETE   /users/sign_out(.:format)              devise/sessions#destroy
 user_omniauth_authorize GET|POST /users/auth/:provider(.:format)        callbacks#passthru {:provider=>/facebook/}
  user_omniauth_callback GET|POST /users/auth/:action/callback(.:format) callbacks#:action
           user_password POST     /users/password(.:format)              devise/passwords#create
       new_user_password GET      /users/password/new(.:format)          devise/passwords#new
      edit_user_password GET      /users/password/edit(.:format)         devise/passwords#edit
                         PATCH    /users/password(.:format)              devise/passwords#update
                         PUT      /users/password(.:format)              devise/passwords#update
cancel_user_registration GET      /users/cancel(.:format)                registrations#cancel
       user_registration POST     /users(.:format)                       registrations#create
   new_user_registration GET      /users/sign_up(.:format)               registrations#new
  edit_user_registration GET      /users/edit(.:format)                  registrations#edit
                         PATCH    /users(.:format)                       registrations#update
                         PUT      /users(.:format)                       registrations#update
                         DELETE   /users(.:format)                       registrations#destroy

我发现的其他一些问题(例如this one)表明:skip中的routes.rb可以提供帮助,例如:

devise_for :users, :skip => [:sessions, :registrations]

这种方法的问题在于它会吹走new_user_sessiondestroy_user_session。基本上,我希望用户能够导航到登录页面(new_user_session_path)并退出(通过destroy_user_session_path)。

我想我在这里错过了一些基本概念,但我不确定它是什么。基本上,我想禁用这些路线:

  • devise/sessions#create(如果登录始终通过Facebook,我为什么需要它)
  • devise/passwords#create
  • devise/passwords#new
  • devise/passwords#edit
  • devise/passwords#update
  • registrations#cancel
  • registrations#create
  • registrations#new
  • registrations#edit
  • registrations#update
  • registrations#destroy

我怎么能做到这一点? (或者我试图做的事情是否有意义?)

1 个答案:

答案 0 :(得分:3)

您可以通过移除devise_for电话并使用devise_scope来定义单个路线,如下所示:

# routes.rb

devise_scope :user do
  get 'sign_in', to: 'devise/sessions#new', as: :new_user_session
  delete 'sign_out', to: 'devise/sessions#destroy', as: :destroy_user_session
  # etc...
end

然后,您将对Devise路线进行精细控制。

希望有所帮助。

相关问题
最新问题