The blog is here. https://wally-ngm.hatenablog.com/entry/2020/12/28/113312?_ga=2.221823768.120362624.1609122405-1426308614.1555332803
Recently, I made a management screen using active-admin.
When I opened the login screen, I was able to register as an administrator and it was ridiculous, so make a note of how to prevent it.
devise is used in active-admin, and it seems that the function of the login screen changes depending on the devise setting.
The devise settings are written in model, so change this.
Probably like this at first.
class AdminUser < ApplicationRecord
devise :database_authenticatable, :registerable, :recoverable, :validatable
end
If you delete : registerable, you will not be able to make new registrations via devise, and at the same time, the active-admin registration lead will also disappear.
class AdminUser < ApplicationRecord
devise :database_authenticatable, :recoverable, :validatable
end
It was really easy.