Ruby-on-Rails: How to get rid of "you are being redirected" page
I am overriding Devise's failure response so that I can set a 401 status code. However, when the user fails to sign in, they are redirected to a page with a "you are being redirected" link. If I remove this :status => 401 from the redirect it works fine.
class CustomFailure < Devise::FailureApp
def redirect_url
new_user_session_url(:subdomain => 'secure')
end
def respond
if http_auth?
http_auth
else
store_location!
flash[:alert] = i18n_message unless flash[:notice]
redirect_to redirect_url, :status => 401
end
end
end
edit
Alternatively I would like to display the flash message and remain on the same page but adding this line of code:
render :text => "unauthorized", :status => 401
causes ruby to complain:
undefined method `render' for #<CustomFailure:0x00000103367f28>
What's happening here?
Answer
Proper HTTP statuses for a redirection are in the 30x form (301 and 302 being the most frequently used). By default, the redirect_to helper sets a 302 status header on the HTTP response. If you override that and set that to a 401, your web browser will assume that the response is a regular web page and will render the response body --which, in a redirection, is the boilerplate text "You are being redirected".