TechQA.

authenticating devise without password

156 views Asked by At 
if params[:confirm_token] == "true"
      user = User.find_by(email: params[:email])
      binding.pry
      sign_in(user)
      # super
end

I need to authenticate user without a password.

I tried the sign_in(user), but when it renders it says 401 invalid credentials

Tried to sign in the user using sign_in method but that didn't work.

ruby-on-rails authentication devise password-less
Original Q&A
1

There are 1 answers

0
prasannaboga On

You can define custom strategies in devise. By adding the custom strategy devise gem will be taken care of user login.

add a strategy file initializers folder

# config/initializers/confirm_token_strategy.rb
module Devise
  module Strategies
    class ConfirmToken < Base
      def valid?
        params[:confirm_token].present?
      end

      def authenticate!
        confirm_token_object = ConfirmTokenObject.find_by(token: params[:confirm_token])
        # token verification
        if confirm_token_object.blank?
          fail!("#{params[:confirm_token]} is not a valid code or expired!")
        else
          user = User.find_by(email: params[:email])
          success!(user)
        end
      end
    end
  end
end

Add the strategy to warden manager

# config/initializers/devise.rb
config.warden do |manager|
  manager.strategies.add(:confirm_token, Devise::Strategies::ConfirmToken)
end

Use the strategy in warden authentication

# users_controller.rb
def verify_confirm_token
  self.resource = warden.authenticate!(:confirm_token)
  sign_in_and_redirect resource and return if resource
end

Related Questions in RUBY-ON-RAILS

Related Questions in AUTHENTICATION

Related Questions in DEVISE

Related Questions in PASSWORD-LESS

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions