45

My devise users are "database_authenticatable" and "token_authenticatable". I've tried deleting the "authentication_token" field in the database for that user from the console, but they still seem to be able to use their existing auth token. Deleting the user entirely works, but I don't want to go that far.

Edit: for clarity. I want to use the rails console to sign out a user. i.e. run rails console and then some command.

joseph.hainline

8 Answers

19

Devise provides helper methods to do these things:

```ruby
user = User.find(params[:id])
sign_in user
sign_out user
```

Hope this helps.

Rimian
Ankit Samarthya
    Since I'm using the *console*, I don't have those methods. When I run the sign_in command I get ```NoMethodError: undefined method `sign_in' for main:Object``` – joseph.hainline Mar 10 '15 at 03:17
  • 1
    From console you can try this: `>> ApplicationController.allow_forgery_protection = false` `>> app.post('/users/sign_in', {"user"=>{"email"=>"login@example.com", "password"=>"password"}})` – Ankit Samarthya Mar 10 '15 at 08:50
  • Best thing would be to use pry gem. Once you install it, just add the line pry to your controller and you can access sign_out. – Ankit Samarthya Mar 12 '15 at 13:42
-1

If you are using Devise, you could use the below in your rails console. This works perfectly for me in my app if you are using only 1 session per user account. I am storing my sessions in redisDB.

```ruby
user = User.first
user.update_attributes(unique_session_id: "")
```

All I had to do was clear the unique_session_id for that user, and rails kicks the user out of the session.

But for multiple sessions for the same User account this does not work.

If you want to clear all user sessions you can do the below from terminal

```sh
rake db:sessions:clear
```

Anto Dominic
  • 1
    It gives ActiveRecord::UnknownAttributeError: unknown attribute 'unique_session_id' for User. – iCyborg Apr 10 '20 at 16:25
-1

To sign_in with Devise, try it this way in the console:

```ruby
# $ rails console
include Warden::Test::Helpers
def sign_in(resource_or_scope, resource = nil)
  resource ||= resource_or_scope
  scope = Devise::Mapping.find_scope!(resource_or_scope)
  login_as(resource, scope: scope)
end

def sign_out(resource_or_scope)
  scope = Devise::Mapping.find_scope!(resource_or_scope)
  logout(scope)
end

@user = User.find(1)
sign_in @user
```

Then open http://127.0.0.1:3000/users/sign_in to test; in my case it will bypass this page and go to the home page! Same for sign_out!

protoproto
-2

You may be able to use the helpers that others have mentioned after including the necessary module:

```ruby
include Devise::Controllers::SignInOut
```

source: Module: Devise::Controllers::SignInOut

There's also another SO question where someone shares a method that doesn't involve using Devise helpers here.

Community
sixty4bit
  • I get ```NameError: uninitialized constant Devise::Controllers::SignInOut``` – joseph.hainline Mar 10 '15 at 03:40
  • I'm guessing the library needs to be required first. Can you try `require 'devise'` and then the `include`? Not sure about the right filename to require so I'll keep poking around – sixty4bit Mar 10 '15 at 03:42
  • Also edited my answer to include a link to a similar SO question with an answer marked correct. It's for signing in rather than out but should be a similar process if you want to try that way (it's making a post to the `/signout` path with information about your user as parameters) – sixty4bit Mar 10 '15 at 03:48
  • 8
    I get `NameError: undefined local variable or method `warden' for main:Object` at my pry console – dcorking Jan 27 '16 at 12:31
-3

I'm not a fan of the sign_out @user pattern because, at least for the devise version I'm using, that signs out the current user, regardless of the argument I pass it. If you're storing sessions in your database then you can do this:

```ruby
@user.update_attributes(current_sign_in_token: "")
```

TBH I don't think that's the best way to do it, but it's the best way I've seen in my own research.

octopushugs
-3

I believe you can simply update the password_salt and it will invalidate the user session on their next request.

```ruby
user = User.first
user.update_column(:password_salt, 'reset')
```

Reference: http://www.jonathanleighton.com/articles/2013/revocable-sessions-with-devise/

jkelley
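
Why changing the salt, as in the answer above, ends a session: Devise stores the record key and `authenticatable_salt` in the session and rejects the session once the salt no longer matches. The Ruby below is an added, simplified model of that check, not part of any answer and not Devise's own code; `ModelUser`, `USERS`, `session_token` and `invalidate_all_sessions!` are hypothetical names, and appending a token to the salt is one assumed way to revoke sessions without touching the password. It models the cookie session only, not `token_authenticatable`.

```ruby
require "securerandom"

# Stand-in for a Devise model; session_token is a hypothetical extra column.
ModelUser = Struct.new(:id, :encrypted_password, :session_token) do
  # database_authenticatable derives the salt from the first 29 characters
  # of encrypted_password; this model appends session_token to it.
  def authenticatable_salt
    "#{encrypted_password[0, 29]}#{session_token}"
  end

  # What you would call from the console to revoke every session.
  def invalidate_all_sessions!
    self.session_token = SecureRandom.hex(16)
  end
end

USERS = {} # id => ModelUser, stands in for the users table

# Models serialize_into_session: the session stores key and salt.
def serialize_into_session(user)
  [[user.id], user.authenticatable_salt]
end

# Models serialize_from_session: a salt mismatch means "not signed in".
def serialize_from_session(key, salt)
  user = USERS[key.first]
  user if user && user.authenticatable_salt == salt
end

def demo
  # Constructed, bcrypt-shaped value; not a real password hash.
  user = ModelUser.new(1, "$2a$12$" + "A" * 22 + "B" * 31, SecureRandom.hex(16))
  USERS[user.id] = user
  cookie = serialize_into_session(user)           # user signs in
  before = !serialize_from_session(*cookie).nil?  # session resolves
  user.invalidate_all_sessions!                   # run from the console
  after = !serialize_from_session(*cookie).nil?   # old session rejected
  fresh = !serialize_from_session(*serialize_into_session(user)).nil?
  { before: before, after: after, fresh: fresh }
end

p demo if __FILE__ == $PROGRAM_NAME
```

The user's password is unchanged, so they can sign in again and receive a session bound to the new salt.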
-3

For old devise versions

It seems the `tokens` attribute saves sessions:

```ruby
user.tokens = nil
user.save
```

mpz
-8

You can create a logout link in views->layouts->application.html.erb as:-

```erb
<%= link_to 'Log Out', destroy_user_session_path, method: :delete %>
```

It worked for me - hope it does for others as well.

Nithin