devise: undefined method `new_session_path` for omniauth_callbacks controller

this error appeared in our codebase since an upgrade from 1.3.4 to 1.4.8, and it seems somewhat related to similar errors reported recently. It consistently happens whenever an authorization is denied by the user and we end up on the failure side of the omniauth controller. Our code in callbacks controller is pretty much identical to that in the docs/wiki and worked fine in the past. We also see the error when hitting the recovery password page, similarly to an already reported and closed issue.

In our case the route code looks like

devise_for :users , :controllers => { 
  :omniauth_callbacks => "omniauth_callbacks" ,
  :registrations => 'registrations',
  :sessions =>'sessions'
}

and the quick fix was to simply add

def new_session_path *args 
  new_user_session_path *args
end

to our ApplicationController

About this issue

  • Original URL
  • State: closed
  • Created 13 years ago
  • Comments: 32 (15 by maintainers)

Most upvoted comments

@printercu I agree.

Just updated https://github.com/plataformatec/devise/wiki/OmniAuth%3A-Overview#using-omniauth-without-other-authentications. Could you take a look?

Thanks.

+2
laurocaetano on Apr 25, 2014

@josevalim, got same issue on 3.2.4. Faced this problem when omniauth provider returns error and https://github.com/plataformatec/devise/blob/master/app/controllers/devise/omniauth_callbacks_controller.rb#L28 is called.

I use only

class User < ActiveRecord::Base
  devise :omniauthable, :rememberable, :trackable
  # ...
end

so seems like new_session_path haven’t been generated.

I have routes for new_user_session_path but it doesn’t help:

  devise_scope :user do
    get '/session/new(.:format)'        =>  'devise/sessions#new',      as: :new_user_session
    get '/session/sign_out(.:format)'   =>  'devise/sessions#destroy',  as: :destroy_user_session
  end

This fix works for me:

class ApplicationController < ActionController::Base
  # ...
  def new_session_path(scope)
    new_user_session_path
  end
end

Should we reopen issue?

+2
printercu on Apr 13, 2014

In the docs it says

If you are using ONLY omniauth authentication, you need to define a route named new_user_session (if not defined, root will be used)

but in fact it raises the aforementioned error and doesn’t use the root. I’m on a brand new Rails4 app with gems

devise (3.1.0)
omniauth (1.1.4)
omniauth-linkedin-oauth2 (0.1.1)
omniauth-oauth2 (1.1.1)
+1
RKushnir on Sep 22, 2013
Read more comments on GitHub
← devise: undefined method `alias_method_chain (Rails 5.1, ruby 2.4)
devise: undefined method `rails5?' for Devise::Test:Module in 4.4.2 →