I am using devise to manage user authentication in my rails app. Devise is really great for that.
However I have a special requirement for my application: A user must be whitelisted before he can register as a User.
So there is a admin which creates a list of allowed emails. A user registers with a email and if the email is in the whitelist table he will be registered. If however, the mail is not in the whitelist, the registration should be aborted with a message like "You are not yet invited".
Do you have an idea how that could be solved with devise?
Thanks in advance.
What you can do is create your own registrations controller and extend the device one like:
class MyRegistrationController < Devise::RegistrationsController
def create
# do your checks
super
end
end
see: https://github.com/plataformatec/devise/blob/master/app/controllers/devise/registrations_controller.rb And: https://github.com/plataformatec/devise/wiki/How-to:-Customize-routes-to-user-registration-pages
Good luck!
I would just use model validation. I'm assuming your User class has the devise method
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable #etc
before_validation :whitelisted
def whitelisted
unless celebrityemail.include? email
errors.add :email, "#{email} is not on our invitation list"
end
end
end
I did create my own controller as suggested:
class Users::RegistrationsController < Devise::RegistrationsController
def create
email = params[:user][:email]
if Admin::Whitelist.find_by_email(email) != nil
super
else
build_resource
set_flash_message :error, "You are not permitted to sign up yet. If you have already payed your registration fee, try again later."
render_with_scope :new
end
end
end
I placed it in app/users/registrations_controller.rb. Then I had to copy the devise registration views into app/views/users/registrations because the default views were not used.
It is working now, thanks for your help
来源:https://stackoverflow.com/questions/5167576/whitelisting-with-devise