[Question] - What is verify_signed_out_user?
Closed this issue · 2 comments
Hi,
Could you please explain more about this method?
# this is invoked before destroy and we have to override it
def verify_signed_out_user
end
- What actually the method do in more detail?
- What will happend if we remove it?
- What should we do inside it?
Thanks!
This method is defined here - https://github.com/plataformatec/devise/blob/342304375946ca11608516eae80f78dbaae059d5/app/controllers/devise/sessions_controller.rb#L59
It will be run before our destroy action, because we inherit from Devise::SessionsController. I believe that it will say that there is no signed in user and prevent our destroy action from running at all. That's why we just override it with an empty method.
I encourage you to check out what happens if you remove it. I think that the token will be not removed.
Ok thanks. Btw, how to handle a situation where a user want to change his/her password?
Say, I've an AngularJS app as the client and I have a page called Change password inside the app.
Can you give some example?
Currently, I have this:
class Users::RegistrationsController < Devise::RegistrationsController
def update
respond_to do |format|
format.html {super}
format.json {
# also required X-USER-EMAIL and X-USER-TOKEN inside the headers
email = params[:user][:email] # might send a hidden field for this email
user = User.find_by_email(email)
if params[:user][:password] == params[:user][:password_confirmation]
if user.update(password: params[:user][:password])
render json: {status: "Success", message: "Password changed"}
else
render json: {status: "Error", message: "Password not changed"}
end
else
render json: {status: "Error", message: "Password not matched"}
end
}
end
end
end
Do you have better idea?
Thanks!