This is not really an issue, more of a "is this possible" question with the devise_fido_u2f gem.
What I would like to do is load the fido_usf_authentication/new page whenever only an admin account goes to /edit on my website. The idea is make certain if I were to change the password for an admin account through the website, I would need my yubikey to make sure I was allowed to get to the /edit page for devise.
I did bypass the default Devise registrations with my own registrations controller for my own reasons in my route file.
Here is my edit method for the registrations controller that skips the default registration controller for devise. Right now I have set to test to make sure a user is an admin.
def edit
redirect_to :root if !current_user.admin?
end
This is not really an issue, more of a "is this possible" question with the devise_fido_u2f gem.
What I would like to do is load the fido_usf_authentication/new page whenever only an admin account goes to /edit on my website. The idea is make certain if I were to change the password for an admin account through the website, I would need my yubikey to make sure I was allowed to get to the /edit page for devise.
I did bypass the default Devise registrations with my own registrations controller for my own reasons in my route file.
devise_for :users, path: '', path_names: { sign_in: 'login', sign_out: 'logout' }, :controllers => {:registrations => "registrations"}
Here is my edit method for the registrations controller that skips the default registration controller for devise. Right now I have set to test to make sure a user is an admin.
def edit redirect_to :root if !current_user.admin? end