Rails, Devise: invalid login redirects to root page instead of displaying errors

Question

For some reason, my app redirects failed session creation to the root page of the application, instead of displaying errors on why the login failed, such as, wrong password.

I captured the http response:

Request URL:http://localhost:3000/users/sign_in
Request Method:POST
Status Code:302 Moved Temporarily

My code performs a :

<%= form_for(resource, :as => resource_name, :url => session_path(resource_name)) do |f| %>

If I change the url to user_session_path - I get the following:

Invalid email or password.

However, it is just rendered as simple text.

Request URL:http://localhost:3000/users/sign_in.user
Request Method:POST
Status Code:401 Unauthorized

I have omniauth and cancan gems installed. Not sure where to start looking - any ideas? (on another note, I do not see the route session in rake routes, but if I perform a correct login, it logs me in. How is this possible?)

Thank you!

I suppose you already have devise_for :users in config/routes.rb? — Josh W Lewis, May 31 '12 at 03:44
Do you have any before filters in your controllers that check login status? — Josh W Lewis, May 31 '12 at 03:46

score 0 · Answer 1 · edited May 23 '17 at 12:11

I found that my app had a CustomFailure class in the lib folder. This always redirect to the root upon login. After removing this failure app, the app redirected me back to the login screen after a failed login.

According to Rails - Devise - Error messages when signing in? , the errors are not given to form fields, but to flash messages. So you need to include them to the default devise new session view.

I still did not figure out why session_path works, and why user_session_path produces the results posted in my question.

Rails, Devise: invalid login redirects to root page instead of displaying errors

1 Answers1