Merge pull request #850 from SuzukiRyuichiro/current-user-for-rails-8-auth

Burgestrand · web-flow · commit 51ce6a964cb5 · 2025-03-03T14:21:00.000+01:00
Add documentation to provide a guide for how to use pundit with rails 8's built-in authentication generator
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,7 @@
 - Add `Pundit::Authorization#pundit_reset!` hook to reset the policy and policy scope cache. (#830)
 - Add links to gemspec. (#845)
 - Register policies directories for Rails 8 code statistics (#833)
+- Added an example for how to use pundit with Rails 8 authentication generator (#850)
 
 ## Changed
 
diff --git a/README.md b/README.md
@@ -582,6 +582,17 @@ def pundit_user
   User.find_by_other_means
 end
 ```
+
+For instance, Rails 8 includes a built-in [authentication generator](https://github.com/rails/rails/tree/8-0-stable/railties/lib/rails/generators/rails/authentication). If you choose to use it, the currently logged-in user is accessed via `Current.user` instead of `current_user`.
+
+To ensure compatibility with Pundit, define a `pundit_user` method in `application_controller.rb` (or another suitable location) as follows:
+
+```ruby
+def pundit_user
+  Current.user
+end
+```
+
 ### Handling User Switching in Pundit
 
 When switching users in your application, it's important to reset the Pundit user context to ensure that authorization policies are applied correctly for the new user. Pundit caches the user context, so failing to reset it could result in incorrect permissions being applied.
