Devise destroy session and sign out from controller?
if something_is_not_kosher
# 1. log this event, 2. send notice
redirect_to destroy_user_session_path and
destroy_user_session_path(@user)
is sign out path for user, but it must requst with DELETE
method. redirect_to
method will tell broswer to request another path, but broswer just can request with GET
method.
So if you want to let user to sign out, you must set a sign out form with DELETE
method or with AJAX request to let user sign out but not with redirect_to
function.
If you just want to destroy user session, use sign_out @user
is ok.
So I ended up solving this by creating a custom signout route
devise_scope :user do
get '/signout', to: 'devise/sessions#destroy', as: :signout
end
and in my controller I have:
if something_is_not_kosher
redirect_to signout_path and return
end
Why don't you just use devise's built-in sign_out_and_redirect(current_user) method?
Just in case someone can't use it directly.
<% if user_signed_in? %>
<li><%= link_to "Logout", destroy_user_session_path, :method => :delete %></li>
<% else %>
<li><%= link_to "Sign up now!", new_user_registration_path%></li>
<% end %>