Skip to content

Instantly share code, notes, and snippets.

@a-chernykh
Created June 22, 2011 19:43
Show Gist options
  • Save a-chernykh/1040964 to your computer and use it in GitHub Desktop.
Save a-chernykh/1040964 to your computer and use it in GitHub Desktop.
devise force https for sign in and sign up routes
class ApplicationController < ActionController::Base
before_filter :ensure_proper_protocol
protected
def ssl_allowed_action?
(params[:controller] == 'users/sessions' && ['new', 'create'].include?(params[:action])) ||
(params[:controller] == 'users/registrations' && ['new', 'create', 'edit', 'update'].include?(params[:action])) ||
(params[:controller] == 'users/omniauth_callbacks')
end
def ensure_proper_protocol
if request.ssl? && !ssl_allowed_action?
redirect_to "http://" + request.host + request.fullpath
end
end
def after_sign_in_path_for(resource_or_scope)
root_url(:protocol => 'http')
end
def after_sign_out_path_for(resource_or_scope)
root_url(:protocol => 'http')
end
end
class Users::RegistrationsController < Devise::RegistrationsController
force_ssl :only => [:new, :create, :edit, :update]
protected
def after_inactive_sign_up_path_for(resource)
root_url(:protocol => 'http')
end
def after_sign_up_path_for(resource)
root_url(:protocol => 'http')
end
def after_update_path_for(resource)
edit_user_registration_url(:protocol => 'http')
end
end
class Users::SessionsController < Devise::SessionsController
force_ssl :only => [:new, :create]
end
@bdesmarez
Copy link

Thanks, help a lot to replace ssl_require with rails 3.1.x

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment