I'm trying to override the destroy method from Devise's SessionsController
, but I have had no success yet. I've already done it for the create
method, but I don't know why it's not working for the destroy
method.
This is my SessionsController
:
module Api
module V1
class SessionsController < Devise::SessionsController
skip_before_filter :verify_authenticity_token, if: :json_request?
def create
resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#failure")
resource.update_token
sign_in_and_redirect(resource_name, resource)
end
def sign_in_and_redirect(resource_or_scope, resource=nil)
scope = Devise::Mapping.find_scope!(resource_or_scope)
resource ||= resource_or_scope
sign_in(scope, resource) unless warden.user(scope) == resource
return render :json => {:success => true}
end
# DELETE /resource/sign_out
def destroy
puts "DELETE /resource/sign_out"
return render :json => {:success => true}
end
def failure
return render :json => {:success => false, :errors => ["Login failed."]}
end
protected
def json_request?
request.format.json?
end
end
end
end
If i use the following curl
request, the create method works just fine:
curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" http://localhost:3000/users/sign_in -d '{"user":{"email":"[email protected]", "password":"TopTier2011"}}'
But when I use this:
curl -X DELETE -H "Accept: application/json" -H "Content-Type: application/json" http://localhost:3000/users/sign_out
I get <html><body>You are being <a href="http://localhost:3000/">redirected</a>.</body></html>
as the response, and the puts "DELETE /resource/sign_out"
call never happens.
This is what I get in the Rails STDOUT
output:
Started DELETE "/users/sign_out" for 127.0.0.1 at 2014-10-07 14:51:40 -0200
Processing by Api::V1::SessionsController#destroy as JSON
Parameters: {"session"=>{}}
[deprecated] I18n.enforce_available_locales will default to true in the future. If you really want to skip validation of your locale you can set I18n.enforce_available_locales = false to avoid this message.
Redirected to http://localhost:3000/
Filter chain halted as :verify_signed_out_user rendered or redirected
Completed 302 Found in 278ms (ActiveRecord: 0.0ms)
Thank you and sorry for my English!
You probably need to skip_before_action :verify_signed_out_user
.
Take a look at https://github.com/plataformatec/devise/blob/master/app/controllers/devise/sessions_controller.rb line 4.