-
Notifications
You must be signed in to change notification settings - Fork 5.5k
How To: Set up devise as a single user system
Rationale: Some projects might come across the need for an authentication solution to which devise is supremely suited for -- but without the need (or want) to have public viewers trying to register.
The example of a private weblog comes to mind, so we will use it as an example. This, along with How to: add an admin role (Especially using Option 2 of just using an :admin attribute), and lastly How To: Restrict access to specific actions gives a pretty robust authentication and authorization abilities to your app/website in mere minutes.
In order to implement our single user registration system, we are going to:
- Override the registration controller of Devise (Step 1)
- Add a method before the registration page is rendered (Step 2). This method will check if one user is already registered. The user will be redirected to the home page or # page if the application has one user. If the application has no user, the registration page will be rendered.
Alter the devise_for line in config/routes.rb to override the registration controller:
devise_for :users, controllers: { registrations: "registrations" }app/controllers/registrations_controller.rb:
class RegistrationsController < Devise::RegistrationsController
before_action :one_user_registered?, only: [:new, :create]
protected
def one_user_registered?
if User.count == 1
if user_signed_in?
redirect_to root_path
else
redirect_to new_user_session_path
end
end
end
endThe /users/sign_in path still gives you a login form, and /users/sign_out still logs you out.
You can add this to your application.html.erb to make some quick and easy links:
<% if user_signed_in? %>
<%= link_to('logout', destroy_user_session_path, method: :delete) %>
<% else %>
<%= link_to('login', new_user_session_path) %>
<% end %>