Learn how to use a custom authentication setup with Spree
User
model exists in is already a Spree application.
User
, but for the purposes of this guide the model we will be referring to will be called User
. If your model is called something else, do some mental substitution wherever you see User
.1. Change the Spree.user_class
User
class, you must first edit Spree’s initializer located at config/initializers/spree.rb
by changing this line:2. Generate Spree Authentication Helpers
lib/spree/authentication_helpers.rb
) to the Spree::Core::AuthenticationHelpers
module inside of Spree.Run this generator with this command:User
class as the class that represents users in Spree. Run the new migration by running this:3. Customize Spree Authentication Helpers
lib/spree/authentication_helpers.rb
contains the following code to help you do that:ApplicationController
add these lines:spree_current_user
Used to tell Spree what the current user of a request is.spree_login_path
The location of the login/sign in form in your application.spree_signup_path
The location of the sign up form in your application.spree_logout_path
The location of the logout feature of your application.spree_login_path
, spree_signup_path
and spree_logout_path
methods must have main_app
prefixed if they are inside your application. This is because Spree will otherwise attempt to route to a login_path
, signup_path
or logout_path
inside of itself, which does not exist. By prefixing with main_app
, you tell it to look at the application’s routes.You will need to define the login_path
, signup_path
and logout_path
routes yourself, by using code like this inside your application’s config/routes.rb
if you’re using Devise:devise_scope
method and change the controllers and actions for these routes.You can also customize the spree_login_path
, spree_signup_path
and spree_logout_path
methods inside lib/spree/authentication_helpers.rb
to use the routing helper methods already provided by the authentication setup you have, if you wish.Any modifications made to lib/spree/authentication_helpers.rb
while the server is running will require a restart, as with any other modification to other files in lib
.4. Include Spree::UserMethods in your User model
has_and_belongs_to_many
association called spree_roles
. This association will retrieve all the roles that a user has for Spree.The second of these is the spree_orders
association. This will return all orders associated with the user in Spree. There’s also a last_incomplete_spree_order
method which will return the last incomplete spree order for the user. This is used internal to Spree to persist order data across a user’s login sessions.The third and fourth associations are for address information for a user. When a user places an order, the address information for that order will be linked to that user so that it is available for subsequent orders.The next method is one called has_spree_role?
which can be used to check if a user has a specific role. This method is used internally to Spree to check if the user is authorized to perform specific actions, such as accessing the admin section. Admin users of your system should be assigned the Spree admin role, like this:has_spree_role?
method, like this:true
, then the user has admin permissions within Spree.5. Remove Auth Devise gem
spree_auth_devise
gem is not needed when using an existing application authentication unless the goal is to have two separate authentication methods.You can remove the spree_auth_devise
gem by running this command: