Merge pull request #850 from SuzukiRyuichiro/current-user-for-rails-8…

…-auth Add documentation to provide a guide for how to use pundit with rails 8's built-in authentication generator
varvet · Mar 3, 2025 · 51ce6a9 · 51ce6a9
2 parents 5507430 + b117d41
commit 51ce6a9
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,7 @@
 - Add `Pundit::Authorization#pundit_reset!` hook to reset the policy and policy scope cache. (#830)
 - Add links to gemspec. (#845)
 - Register policies directories for Rails 8 code statistics (#833)
+- Added an example for how to use pundit with Rails 8 authentication generator (#850)
 
 ## Changed
 

diff --git a/README.md b/README.md
@@ -582,6 +582,17 @@ def pundit_user
   User.find_by_other_means
 end
 ```
+
+For instance, Rails 8 includes a built-in [authentication generator](https://github.com/rails/rails/tree/8-0-stable/railties/lib/rails/generators/rails/authentication). If you choose to use it, the currently logged-in user is accessed via `Current.user` instead of `current_user`.
+
+To ensure compatibility with Pundit, define a `pundit_user` method in `application_controller.rb` (or another suitable location) as follows:
+
+```ruby
+def pundit_user
+  Current.user
+end
+```
+
 ### Handling User Switching in Pundit
 
 When switching users in your application, it's important to reset the Pundit user context to ensure that authorization policies are applied correctly for the new user. Pundit caches the user context, so failing to reset it could result in incorrect permissions being applied.