A long-lived project that still receives updates
Provides authentication and authorization services for use with Spree by using Devise and CanCan.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

Runtime

 Project Readme

Spree Auth Devise

CircleCI

Provides authentication services for Spree, using the Devise gem.

Developed by

Vendo - Start your own multi-brand marketplace

Spark Solutions - Ruby on Rails and Spree Commerce developers

Installation

  1. Add this extension to your Gemfile with this line:
gem 'spree_auth_devise'

if you run into any version-mismatch problems please run bundle update

  1. Install the gem using Bundler:
bundle install
  1. Copy & run migrations
bundle exec rails g spree:auth:install

Upgrading from Spree 3.0 to 3.1

If you're upgrading from 3.0 to 3.1 you need to rerun the installer to copy new asset files (javascripts)

bundle exec rails g spree:auth:install

Configuration

Confirmable

To enable Devise's Confirmable module, which will send the user an email with a link to confirm their account, you must do the following:

  • Add this line to an initializer in your Rails project (typically config/initializers/spree.rb):
Spree::Auth::Config[:confirmable] = true
  • Add a Devise initializer to your Rails project (typically config/initializers/devise.rb):
Devise.setup do |config|
  # Required so users don't lose their carts when they need to confirm.
  config.allow_unconfirmed_access_for = 1.days

  # Fixes the bug where Confirmation errors result in a broken page.
  config.router_name = :spree

  # Add any other devise configurations here, as they will override the defaults provided by spree_auth_devise.
end

Sign out after password change

To disable signout after password change you must add this line to an initializer in your Rails project (typically config/initializers/spree.rb):

Spree::Auth::Config[:signout_after_password_change] = false

Using in an existing Rails application

If you are installing Spree inside of a host application in which you want your own permission setup, you can do this using spree_auth_devise's register_ability method.

First create your own CanCan Ability class following the CanCan documentation.

For example: app/models/your_ability_class.rb

class YourAbilityClass
  include CanCan::Ability

  def initialize user
    # direct permissions
     can :create, SomeRailsObject

     # or permissions by group
     if spree_user.has_spree_role? "admin"
       can :create, SomeRailsAdminObject
     end
   end
end

Then register your class in your spree initializer: config/initializers/spree.rb

Spree::Ability.register_ability(YourAbilityClass)

Inside of your host application you can then use CanCan like you normally would.

<% if can? :show, SomeRailsObject %>

<% end %>

Adding Permissions to Gems

This methodology can also be used by gems that extend spree and want/need to add permissions.

Ruby 2.5 issues

If you encounter issues when using Ruby 2.5, please run:

bundle update devise

Creating the default Admin user

If you didn't created the Admin user from the installer you can run this rake task:

bundle exec rake spree_auth:admin:create

Testing

You need to do a quick one-time creation of a test application and then you can use it to run the tests.

bundle exec rake test_app

Then run the rspec tests.

bundle exec rspec

License

Spree Starter (formerly Spark Starter Kit) is copyright © 2015-2021 Spark Solutions Sp. z o.o.. It is free software, and may be redistributed under the terms specified in the LICENSE file.

About Spark Solutions

Spark Solutions

Spree Auth Devise is maintained and funded by Spark Solutions Sp. z o.o. The names and logos are trademarks of Spark Solutions Sp. z o.o.

We are passionate about open source software. We are available for hire.