adding "after_sign_in" and "after_sign_out" hooks
1,202 views
Skip to first unread message
GoNZoYuMo
Aug 23, 2010, 10:26:07 AM8/23/10
to Devise
Hi folks !
I'm using devise 1.0.8 with Rails 2.3.8 but I'm also intrested by
answers concerning devise 1.1.x and Rails 3 has our app will certainly
be updated when it will be released.
I was trying to do something and as I didn't find a clean way to
achieve it, I suggest a feature : adding "after_sign_in" and
"after_sign_out" hooks that we could use to execute some code just
right after those actions are performed but before the redirect call.
The way I tried to do that is in this gist : https://gist.github.com/ccc87a1ab9645dbf2cda
But doing this way (overriding sign_in and sign_out helpers) is wrong
as some times the sign_in method is not called (IE : on session
creation it is skipped).
I also tried it by hacking after_sign_out_path_for and
after_sign_in_path_for but this is meaningless for this purpose and
there is still a bad point : if there is a stored_location, the
after_sign_in_path_for method will not be fired.
Is there another way to achieve that ? If not, I assume I'll be on my
way to hack devise 1.0.x but is this a valuable feature request for
Devise 1.1.x ?
best regards,
Olivier.
I'm using devise 1.0.8 with Rails 2.3.8 but I'm also intrested by
answers concerning devise 1.1.x and Rails 3 has our app will certainly
be updated when it will be released.
I was trying to do something and as I didn't find a clean way to
achieve it, I suggest a feature : adding "after_sign_in" and
"after_sign_out" hooks that we could use to execute some code just
right after those actions are performed but before the redirect call.
The way I tried to do that is in this gist : https://gist.github.com/ccc87a1ab9645dbf2cda
But doing this way (overriding sign_in and sign_out helpers) is wrong
as some times the sign_in method is not called (IE : on session
creation it is skipped).
I also tried it by hacking after_sign_out_path_for and
after_sign_in_path_for but this is meaningless for this purpose and
there is still a bad point : if there is a stored_location, the
after_sign_in_path_for method will not be fired.
Is there another way to achieve that ? If not, I assume I'll be on my
way to hack devise 1.0.x but is this a valuable feature request for
Devise 1.1.x ?
best regards,
Olivier.
José Valim
Aug 23, 2010, 10:29:01 AM8/23/10
to plataforma...@googlegroups.com
Take a look at Devise trackable implementation and warden hooks. They may help you achieve what you want.
Director of Engineering - Plataforma Tecnologia
Know more about us: http://plataformatec.com.br/en/
--
José ValimDirector of Engineering - Plataforma Tecnologia
Know more about us: http://plataformatec.com.br/en/
GoNZoYuMo
Aug 23, 2010, 10:43:02 AM8/23/10
to Devise
Thank for that very fast reply :)
the warden hook after_set_user seems to fit my needs but there is only
a before_logout, not an after_logout hook.
But maybe should I refactor my app part to fit with this.
Thanks a lot.
the warden hook after_set_user seems to fit my needs but there is only
a before_logout, not an after_logout hook.
But maybe should I refactor my app part to fit with this.
Thanks a lot.
José Valim
Aug 23, 2010, 10:46:17 AM8/23/10
to plataforma...@googlegroups.com
You should not rely in an before/after logout hook because the user can simply close the browser and his session will be deleted, effectively signing out but the hook will never called.
Director of Engineering - Plataforma Tecnologia
Know more about us: http://plataformatec.com.br/en/
--
José ValimDirector of Engineering - Plataforma Tecnologia
Know more about us: http://plataformatec.com.br/en/
GoNZoYuMo
Aug 23, 2010, 11:39:40 AM8/23/10
to Devise
hum, looking deep into devise make me loose the goal I initialy wanted
to reach. Let me explain :
I have a session var that is used everywhere on the app and that is
based on this :
signed_out user => var = A
signed_in user with status = 0 => var = A
signed_in user with status = 1 => var = B
So this var only changes on those actions :
1) sign_in (if status = 1)
2) sign_out (is status was 1)
3) status update (from 0 to 1)
Handling 3) is done in my app logic and doesn't matter here.
The user can sign_in only with one form (not rememberable) and logout
with the disconnect button, a session timeout or a browser closure.
So finaly, handling 1) and 2) could be done exclusively in the session
controller. No matters if the user closes is browser or the session
expires, when he comes back, the session var will be set again with
the correct value (the one for signed_out user).
What must not happen is to miss to update this var when the user
logout(or login) himself and stay on the app.
First I was setting it on each request and even if it is easier to
achieve, it's an useless code execution (with sql queries) on more
than 95% of the requests.
To conclude, what I ended up is to override "sign_in_and_redirect" and
"sign_out_and_redirect" methods as they are used by the
sessions_controller.
I think I shouldn't have some weird behavior with this.
Olivier.
to reach. Let me explain :
I have a session var that is used everywhere on the app and that is
based on this :
signed_out user => var = A
signed_in user with status = 0 => var = A
signed_in user with status = 1 => var = B
So this var only changes on those actions :
1) sign_in (if status = 1)
2) sign_out (is status was 1)
3) status update (from 0 to 1)
Handling 3) is done in my app logic and doesn't matter here.
The user can sign_in only with one form (not rememberable) and logout
with the disconnect button, a session timeout or a browser closure.
So finaly, handling 1) and 2) could be done exclusively in the session
controller. No matters if the user closes is browser or the session
expires, when he comes back, the session var will be set again with
the correct value (the one for signed_out user).
What must not happen is to miss to update this var when the user
logout(or login) himself and stay on the app.
First I was setting it on each request and even if it is easier to
achieve, it's an useless code execution (with sql queries) on more
than 95% of the requests.
To conclude, what I ended up is to override "sign_in_and_redirect" and
"sign_out_and_redirect" methods as they are used by the
sessions_controller.
I think I shouldn't have some weird behavior with this.
Olivier.
Reply all
Reply to author
Forward
0 new messages