With the Confirmable module enabled, Devise will not allow an unconfirmed user to sign in after a predefined period of time has elapsed. Instead the user is redirected back to the sign in page with the flash message "You have to confirm your account before continuing".
This is an undesirable interaction model, as a flash notice does not provide adequate space to properly explain to the user why access has been denied, what "confirm your account" means, provide a link to resend the confirmation, and instructions on how to check your spam folder and so on.
Is there a way I can change this behaviour to redirect to a specific URL instead?
This is my solution you need to add :unconfirmed message on devise locales below the sessions.
in app/controllers/sessions_controller.rb
Sorry at first I thought you meant after Sign Up not Sign In. So the down below works for how to direct users after Sign Up and what you need to do for Sign In is to create a custom Devise::FailureApp
See the wiki page: https://github.com/plataformatec/devise/wiki/How-To:-Redirect-to-a-specific-page-when-the-user-can-not-be-authenticated
Then within your custom FailureApp overwrite
redirect_url
method from https://github.com/plataformatec/devise/blob/master/lib/devise/failure_app.rb:For custom redirect after Sign Up:
There is a controller method
after_inactive_sign_up_path_for
within the RegistrationsController that you can overwrite to accomplish this.First in your Routes you will need to specify to use your custom controller:
config/routes.rb
:Second you create your custom controller that inherits from the normal controller in order to overwrite the method:
app/controllers/users/registrations_controller.rb
In this case for my App my Devise model is User so you may want to change that namespace if your model is named differently. I wanted my users to be redirected to the
signed_up_path
, but you can change that to your desired path.I just did this, but took a different approach.
in app/controllers/sessions_controller.rb:
This worked for me and seemed minimally invasive. In my app new sessions always have to go through
sessions#create
and users always sign in with their email address, so this may be a simpler case than yours.You can of course
redirect_to
any location you desire in thecheck_user_confirmation
method.new_confirmation_path
was the logical choice for me because it provides users with the resources to get confirmed.