Devise: Devise destroy_user_session has wrong HTTP method in Rails 3.1.0.rc4
According to https://github.com/plataformatec/devise/blob/master/lib/devise/rails/routes.rb#L30 the devise session routes should look like this with a GET destroy_users_session
# Session routes for Authenticatable (default)
new_user_session GET /users/sign_in {:controller=>"devise/sessions", :action=>"new"}
user_session POST /users/sign_in {:controller=>"devise/sessions", :action=>"create"}
destroy_user_session GET /users/sign_out {:controller=>"devise/sessions", :action=>"destroy"}
Running devise 1.4.2 with rails 3.1.0.rc4 renders a DELETE destroy_user_session instead
new_user_session GET /users/sign_in(.:format) {:action=>"new", :controller=>"devise/sessions"}
user_session POST /users/sign_in(.:format) {:action=>"create", :controller=>"devise/sessions"}
destroy_user_session DELETE /users/sign_out(.:format) {:action=>"destroy", :controller=>"devise/sessions"}
This prevents a sign out link from working
<%= link_to "Sign out", destroy_user_session_path %> # does not work
and since it is not a GET, using the link gives this error
No route matches [GET] "/members/sign_out
I was able to monkey patch the gem by changing this line to get instead of match although I'm not sure that's the correct fix.
I googled around and found someone else having the same issue here.
marksands
All 2 comments
You need to pass :method => :delete when generating the link or change the configuration option to allow :get instead.
josevalim
on 12 Jul 2011
You need to pass this line in your routes file....i am sure working properly..but you need to change model name. which are using this link.
devise_for :members do get '/members/sign_out' => 'devise/sessions#destroy' end
vikask
on 25 Sep 2012
Related issues
ragesoss
·
3Comments
neohunter
·
3Comments
afuno
·
3Comments
mits87
·
3Comments
mikeki
·
4Comments
Most helpful comment
You need to pass :method => :delete when generating the link or change the configuration option to allow :get instead.