app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_action :configure_permitted_parameters, if: :devise_controller?
before_filter :ensure_signup_complete
protected
def ensure_signup_complete
# Ensure we don't go into an infinite loop
return if action_name == 'finish_signup'
# Redirect to the 'finish_signup' page if the user
# email hasn't been verified yet
if current_user && (!current_user.email_verified? || current_user.role.nil?)
redirect_to finish_signup_path(current_user)
end
end
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:role] )
end
def after_sign_in_path_for(resource)
dashboard_path
end
end