Hello All,
I am getting a problem while login for inactive users.
While login I am getting -
Processing by Devise::SessionsController#new as HTML
User Load (0.7ms) SELECT “users”.* FROM “users” WHERE “users”.“id” =
2
LIMIT 1
Redirected to http://localhost:3000/
Filter chain halted as :require_no_authentication rendered or
redirected.
Inactive users still login, but while debugging, it doesn’t show
anything.
It goes to the else part, still logs in.
session_controller:-
prepend_before_filter :require_no_authentication, :only => [ :new,
:create ]
prepend_before_filter :allow_params_authentication!, :only => :create
prepend_before_filter { request.env[“devise.skip_timeout”] = true }
skip_before_filter :verify_authenticity_token
def create
user_email = User.find_by_email(resource_params[‘email’])
if user_email
if server_emails.include?(resource_params['email']) ||
params[:client_login] != nil
if user_email.valid_password?(resource_params[‘password’])
if (user_email.status == “Verified” || user_email.status ==
nil)
/// This part is fine... It allows to login.
else
flash[:notice] = "User Not Active"
respond_with({:errors => "User Not Active"}, :location =>
sign_in_path)
end
else
flash[:notice] = “Password doesn’t match”
respond_with({:errors => “Password doesn’t match”}, :location
=>
sign_in_path)
end
else
puts “NOT AUTHORIZED”
flash[:notice] = “You are not authorized to login. Admin login
only.”
respond_with({:errors => “Not authorized”}, :location =>
sign_in_path)
end
else
flash[:notice] = “Email doesn’t exists.”
respond_with({:errors => “Email doesn’t exists.”}, :location =>
sign_in_path)
end
end
Thanks,
Avi