Custom Controller/Email Overrides

Custom Controller Overrides

The built-in controllers can be overridden with your own custom controllers.

For example, the default behavior of the validate_token method of the TokenValidationController is to return the User object as json (sans password and token data). The following example shows how to override the validate_token action to include a model method as well.

Example: controller overrides

# config/routes.rb
Rails.application.routes.draw do
mount_devise_token_auth_for 'User', at: 'auth', controllers: {
token_validations: 'overrides/token_validations'
# app/controllers/overrides/token_validations_controller.rb
module Overrides
class TokenValidationsController < DeviseTokenAuth::TokenValidationsController
def validate_token
# @resource will have been set by set_user_by_token concern
if @resource
render json: {
data: @resource.as_json(methods: :calculate_operating_thetan)
render json: {
success: false,
errors: ["Invalid login credentials"]
}, status: 401

Overriding rendering methods

To customize json rendering, implement the following protected controller methods, for success methods, assume that the @resource object is available:

Registrations Controller

  • render_create_error_missing_confirm_success_url

  • render_create_error_redirect_url_not_allowed

  • render_create_success

  • render_create_error

  • render_update_success

  • render_update_error

  • render_update_error_user_not_found

Sessions Controller

  • render_new_error

  • render_create_success

  • render_create_error_not_confirmed

  • render_create_error_bad_credentials

  • render_destroy_success

  • render_destroy_error

Passwords Controller

  • render_create_error_missing_email

  • render_create_error_missing_redirect_url

  • render_create_error_not_allowed_redirect_url

  • render_create_success

  • render_create_error

  • render_update_error_unauthorized

  • render_update_error_password_not_required

  • render_update_error_missing_password

  • render_update_success

  • render_update_error

Token Validations Controller

  • render_validate_token_success

  • render_validate_token_error

Confirmations Controller

  • render_create_error_missing_email

  • render_create_success

  • render_not_found_error

Example: all :controller options with default settings:

mount_devise_token_auth_for 'User', at: 'auth', controllers: {
confirmations: 'devise_token_auth/confirmations',
passwords: 'devise_token_auth/passwords',
omniauth_callbacks: 'devise_token_auth/omniauth_callbacks',
registrations: 'devise_token_auth/registrations',
sessions: 'devise_token_auth/sessions',
token_validations: 'devise_token_auth/token_validations'

Note: Controller overrides must implement the expected actions of the controllers that they replace.

Passing blocks to Controllers

It may be that you simply want to add behavior to existing controllers without having to re-implement their behavior completely. In this case, you can do so by creating a new controller that inherits from any of DeviseTokenAuth's controllers, overriding whichever methods you'd like to add behavior to by passing a block to super:

class Custom::RegistrationsController < DeviseTokenAuth::RegistrationsController
def create
super do |resource|

Your block will be performed just before the controller would usually render a successful response.

Email Template Overrides

You will probably want to override the default email templates for email sign-up and password-reset confirmation. Run the following command to copy the email templates into your app:

rails generate devise_token_auth:install_views

This will create two new files:

  • app/views/devise/mailer/reset_password_instructions.html.erb

  • app/views/devise/mailer/confirmation_instructions.html.erb

These files may be edited to suit your taste. You can customize the e-mail subjects like this.

Note: if you choose to modify these templates, do not modify the link_to blocks unless you absolutely know what you are doing.