I was creating an app that can manage reservations. (Users do not need to register as a member) On the admin screen, I decided to use `` `gem'devise'``` to create an authentication function so that it can only be used by authorized users. After completing the devise-related installation and settings, I checked the available functions and noticed that there were many unnecessary functions (user registration / password setting, etc ..). Since the administrator screen is basically used by only two people, only the user information of two people was set when creating the app. (Set by rails console or SQL)
module | function |
---|---|
database_authenticatable | Password encryption stored in DB(User registration is not possible without this function) |
registerable | Sign-up process |
recoverable | Password reset |
rememberable | Keep login information in cookie |
trackable | Save the number of sign-ins, time, and IP address |
validatable | Email address and password validation |
By default, all features except `trackable`
are enabled.
app/models/user.rb
class User < ApplicationRecord
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable :validatable
end
Since the only function used this time is "login / logout", make the following changes.
registerable sign-up process
(Unnecessary function)
recoverable password reset
(Unnecessary function)
app/models/user.rb
class User < ApplicationRecord
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
devise :database_authenticatable, :rememberable, :validatable
end
For confirmation, check the routing with rake routes
in the terminal.
new_user_session GET /users/sign_in(.:format) devise/sessions#new
user_session POST /users/sign_in(.:format) devise/sessions#create
destroy_user_session DELETE /users/sign_out(.:format) devise/sessions#destroy
Only the routing used for "login / logout" is available.
[Rails] Session timeout setting in devise
Recommended Posts