You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello, I'm currently using Trestle Auth to basically provide a login layer for my admin, and to allow updating users table thatw was already managed by devise gem
as of now, i'm also using the said users table to also serve an admin account distinguishable by a role column, and manage them with an enum
enum role: { user: 1, admin: 2 }
currently I'm trying to make a logic using the current_user instance when the login succeeds.. but i can't seem to find the right way to prevent the login from happening if the current_user isn't the right role..
the code below is my current implementation that isn't working as i intended at all..
the current_user.role conditionals gets performed smoothly and if the user is an admin it goes to the index but if the user isn't an admin idk what or how should i prevent the user from using the admin panel at all, which is the thing i'm currently trying to implement is to prevent unauthorized/non admin users from coming in the trestle app
config.auth.redirect_on_login = -> {
if admin = Trestle.lookup(Trestle.config.auth.user_admin)
if current_user.role == 'admin'
Trestle.config.path
end
if current_user.role == 'user'
# kick the user back to login page, and clear the token
end
else
Trestle.config.path
end
}
The text was updated successfully, but these errors were encountered:
Hello, I'm currently using Trestle Auth to basically provide a login layer for my admin, and to allow updating users table thatw was already managed by devise gem
as of now, i'm also using the said users table to also serve an admin account distinguishable by a
rolecolumn, and manage them with anenumenum role: { user: 1, admin: 2 }currently I'm trying to make a logic using the current_user instance when the login succeeds.. but i can't seem to find the right way to prevent the login from happening if the current_user isn't the right role..
the code below is my current implementation that isn't working as i intended at all..
the current_user.role conditionals gets performed smoothly and if the user is an admin it goes to the index but if the user isn't an admin idk what or how should i prevent the user from using the admin panel at all, which is the thing i'm currently trying to implement is to prevent unauthorized/non admin users from coming in the trestle app
The text was updated successfully, but these errors were encountered: