Method: Devise::Controllers::SignInOut#sign_in

Defined in:
lib/devise/controllers/sign_in_out.rb

#sign_in(resource_or_scope, *args) ⇒ Object

Sign in a user that already was authenticated. This helper is useful for logging users in after sign up. All options given to sign_in is passed forward to the set_user method in warden. If you are using a custom warden strategy and the timeoutable module, you have to set ‘env = true` in the request to use this method, like we do in the sessions controller: github.com/heartcombo/devise/blob/main/app/controllers/devise/sessions_controller.rb#L7

Examples:

 :user, @user                      # sign_in(scope, resource)
 @user                             # sign_in(resource)
 @user, event: :authentication     # sign_in(resource, options)
 @user, store: false               # sign_in(resource, options)


33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
# File 'lib/devise/controllers/sign_in_out.rb', line 33

def (resource_or_scope, *args)
  options  = args.extract_options!
  scope    = Devise::Mapping.find_scope!(resource_or_scope)
  resource = args.last || resource_or_scope

  expire_data_after_sign_in!

  if options[:bypass]
    Devise.deprecator.warn(<<-DEPRECATION.strip_heredoc, caller)
    [Devise] bypass option is deprecated and it will be removed in future version of Devise.
    Please use bypass_sign_in method instead.
    Example:

      bypass_sign_in(user)
    DEPRECATION
    warden.session_serializer.store(resource, scope)
  elsif warden.user(scope) == resource && !options.delete(:force)
    # Do nothing. User already signed in and we are not forcing it.
    true
  else
    warden.set_user(resource, options.merge!(scope: scope))
  end
end