devise icon indicating copy to clipboard operation
devise copied to clipboard
verified publisher icon heartcombo

api_only? option for devise_for

Open PedroAugustoRamalhoDuarte opened this issue 3 years ago • 2 comments

This PR solves the problem with unused routes for api_only projects using devise (Issue #5242). Its adds a new option for devise_for called api_only and when is true, removes new and edit actions from routes.

I have made this repo (https://github.com/PedroAugustoRamalhoDuarte/devise-api-only) to test this feature:

When we run rails routes with devise_for :users:

                                  Prefix Verb   URI Pattern                                                                                       Controller#Action
                        new_user_session GET    /users/sign_in(.:format)                                                                          devise/sessions#new
                            user_session POST   /users/sign_in(.:format)                                                                          devise/sessions#create
                    destroy_user_session DELETE /users/sign_out(.:format)                                                                         devise/sessions#destroy
                       new_user_password GET    /users/password/new(.:format)                                                                     devise/passwords#new
                      edit_user_password GET    /users/password/edit(.:format)                                                                    devise/passwords#edit
                           user_password PATCH  /users/password(.:format)                                                                         devise/passwords#update
                                         PUT    /users/password(.:format)                                                                         devise/passwords#update
                                         POST   /users/password(.:format)                                                                         devise/passwords#create
                cancel_user_registration GET    /users/cancel(.:format)                                                                           devise/registrations#cancel
                   new_user_registration GET    /users/sign_up(.:format)                                                                          devise/registrations#new
                  edit_user_registration GET    /users/edit(.:format)                                                                             devise/registrations#edit
                       user_registration PATCH  /users(.:format)                                                                                  devise/registrations#update
                                         PUT    /users(.:format)                                                                                  devise/registrations#update
                                         DELETE /users(.:format)                                                                                  devise/registrations#destroy
                                         POST   /users(.:format)                                                                                  devise/registrations#create

with devise_for :users, api_only?: true:

                                  Prefix Verb   URI Pattern                                                                                       Controller#Action
                            user_session POST   /users/sign_in(.:format)                                                                          devise/sessions#create
                    destroy_user_session DELETE /users/sign_out(.:format)                                                                         devise/sessions#destroy
                           user_password PATCH  /users/password(.:format)                                                                         devise/passwords#update
                                         PUT    /users/password(.:format)                                                                         devise/passwords#update
                                         POST   /users/password(.:format)                                                                         devise/passwords#create
                cancel_user_registration GET    /users/cancel(.:format)                                                                           devise/registrations#cancel
                       user_registration PATCH  /users(.:format)                                                                                  devise/registrations#update
                                         PUT    /users(.:format)                                                                                  devise/registrations#update
                                         DELETE /users(.:format)                                                                                  devise/registrations#destroy
                                         POST   /users(.:format)                                                                                  devise/registrations#create

I would like to write some specs too, does anyone have any tips?

PedroAugustoRamalhoDuarte avatar Jan 16 '22 21:01 PedroAugustoRamalhoDuarte

I think this PR should include the fix for the following issue #5443 since API-only apps don't have sessions anymore.

mbackermann avatar Jan 17 '22 20:01 mbackermann

@mbackermann I am now working on a dedicated PR for that

morenocarullo avatar Feb 25 '22 10:02 morenocarullo