问题
Background
I have a simple app with devise and cancancan. Because I wanted to add a little bit of custom logic to the signup process, I used devise with customised controllers, which simply means devise uses the users controller (rather than devise controllers) for all of the things devise does.
Problem
When I add check_authorization to the application controller, and skip_authorization_check to all of the user (devise) controllers, I still get the following error raised when the user tries to sign in or out:
Question
Does anyone know how to skip_authorization_check for these controllers? (I already have skip_authorization_check in every user (devise) controller, I thought that would do it, so I'm not sure what to try
回答1:
I found the answer 90% of the way through writing this question, so figured to post it in case it helps others in the future.
The answer is, simply use the same method for skipping authorization checks on devise in the regular way (even if using customised devise controllers), that is, simply add this to the application_controller
check_authorization unless: :devise_controller?
Adding skip_authorization_check manually to each devise (or customised devise) controller does not seem necessary when using this approach.
来源:https://stackoverflow.com/questions/64520705/check-authorization-causes-custom-devise-controller-to-fail