How to sign in a user using Devise from a Rails console?
Solution 1:
Here's one way I was able to do it:
>> ApplicationController.allow_forgery_protection = false
>> app.post('/sign_in', {"user"=>{"login"=>"login", "password"=>"password"}})
Then you can do:
>> app.get '/some_other_path_that_only_works_if_logged_in'
>> pp app.response.body
Solution 2:
Here is another example which uses the csrf token, authenticates the user, and makes a POST/GET request.
# get csrf token
app.get '/users/sign_in'
csrf_token = app.session[:_csrf_token]
# log in
app.post('/users/sign_in', {"authenticity_token"=>csrf_token, "user"=>{"email"=>"foo", "password"=>"bar"}})
# get new csrf token, as auth user
app.get ''
csrf_token = app.session[:_csrf_token]
# make a POST request
app.post '/some_request.json', {"some_value"=>"wee", "authenticity_token"=>csrf_token}
# make a GET request
app.get '/some_other_request.json'
Solution 3:
You can add an action inside one of your controller, and use the technique explained here.
class MyController < ApplicationController
# POST /my_controller/become {'email': '[email protected]'}
def become
raise 'not in development environment' unless Rails.env == 'development'
sign_in User.find_by_email(params[:email])
end
end
Solution 4:
Important to note that since Rails 5, the params parsing has been changed to take only one argument and params (instead of params being a second argument.
ActionDispatch::ParamsParser is deprecated and was removed from the middleware stack. To configure the parameter parsers use ActionDispatch::Request.parameter_parsers=
So these earlier examples will no longer work in modern Rails without patching your middleware. To make them work, simply include the arguments in the POST params like:
app.post('/users/sign_in', {"user"=>{"email"=>"[email protected]", "password"=>"mycoolpassword"}})
<-- No longer valid
app.post('/users/sign_in', params: {"user"=>{"email"=>"[email protected]", "password"=>"mycoolpassword"}})
<-- valid