I have a two-step registration flow where a user comes in through a standard devise URL that has a confirmation_token as a GET parameter value. Now, step 1 asks for the user's name and password (login is their email address). After the user submits that form, we render step 2. It's possible that the user abandons the flow after submitting step 1. This user will have email, name, and password filled out, but he is still an unconfirmed user.
If he comes back to the site and tries to log in with this email/password combination, devise flags him as inactive for authentication, which is correct. The problem I'm having is that I'd like to redirect or render the step 2 form after the login attempt, but I can't seem to intercept the 401-and-redirect.
Here is the flow I'd like to accomplish when the user attempts to log in:
- Process
Devise::CustomSessionsController#new - User attempts to log in w/ correct email & password combination
- Redirect to
Devise::CustomConfirmationsController#confirm_step_twowith the user ID or corresponding confirmation_token in params
I know that devise offers this tutorial for a custom failure app: http://ift.tt/1otns7O, BUT I can't seem to pass or access the user database ID or the confirmation_token to the failure app. How can I do that?
The only thing I could think of doing was returning the confirmation_token as the value for User#inactive_message. That way, when devise redirects to Devise::CustomSessionsController#new, it can find the user and render the layout for step 2. This is obviously a hack, so I'm asking for ideas toward a better approach.
Aucun commentaire:
Enregistrer un commentaire