authenticating devise without password

156 Views Asked by Jay Enginer At 11 May 2023 at 16:18

if params[:confirm_token] == "true"
      user = User.find_by(email: params[:email])
      binding.pry
      sign_in(user)
      # super
end

I need to authenticate user without a password.

I tried the sign_in(user), but when it renders it says 401 invalid credentials

Tried to sign in the user using sign_in method but that didn't work.

Original Q&A

There are 1 best solutions below

prasannaboga On 11 May 2023 at 16:55

You can define custom strategies in devise. By adding the custom strategy devise gem will be taken care of user login.

add a strategy file initializers folder

# config/initializers/confirm_token_strategy.rb
module Devise
  module Strategies
    class ConfirmToken < Base
      def valid?
        params[:confirm_token].present?
      end

      def authenticate!
        confirm_token_object = ConfirmTokenObject.find_by(token: params[:confirm_token])
        # token verification
        if confirm_token_object.blank?
          fail!("#{params[:confirm_token]} is not a valid code or expired!")
        else
          user = User.find_by(email: params[:email])
          success!(user)
        end
      end
    end
  end
end

Add the strategy to warden manager

# config/initializers/devise.rb
config.warden do |manager|
  manager.strategies.add(:confirm_token, Devise::Strategies::ConfirmToken)
end

Use the strategy in warden authentication

# users_controller.rb
def verify_confirm_token
  self.resource = warden.authenticate!(:confirm_token)
  sign_in_and_redirect resource and return if resource
end

authenticating devise without password

There are 1 best solutions below

Related Questions in RUBY-ON-RAILS

Related Questions in AUTHENTICATION

Related Questions in DEVISE

Related Questions in PASSWORD-LESS

Trending Questions

Popular # Hahtags

Popular Questions