I have a controller which inherits from Devise::RegistrationsController. I have added a show action to the controller. T开发者_如何学Pythonhe problem is that even when the user is logged out they can access this action even though at the top of my controller I have:
before_filter :authenticate_user!, :except => [:new, :create]
Why isn't authenticate_user! disallowing access to my show action?
I tested this with one of my application. The filter authentication_person! (it's person in my case) works well for all other controllers but doesn't work for controller inherited from Devise::RegistrationsController. This may be an issue or limitation with devise. Needs to be added to issues discussion at github.
The other workaround can be to create a filter method should_be_logged_in? into the application controller and then checking for person_signed_in? helper and redirecting accordingly.
Might be an issue with auth scope.. try adding the following to you controller:
prepend_before_filter :authenticate_scope!, :only => [:edit, :update, :destroy, :show]
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论