I did this by overriding the development session controller.
Add an entry to the routes for the custom session controller:
devise_for :users, :controllers => {:sessions => 'sessions'}
And redefine the session controller:
class SessionsController < Devise::SessionsController def create resource = warden.authenticate!(:scope => resource_name, :recall => "sessions#failure") return sign_in_and_redirect(resource_name, resource) end def sign_in_and_redirect(resource_or_scope, resource=nil) scope = Devise::Mapping.find_scope!(resource_or_scope) resource ||= resource_or_scope sign_in(scope, resource) unless warden.user(scope) == resource respond_with do |format| format.json {render :json => {:success => true} } format.any {super} end end def failure respond_with do |format| format.json {render:json => {:success => false, :errors => ["Login failed."]} } format.any {redirect_to :back, :notice => "Wrong Email / Password" } end #return render:json => {:success => false, :errors => ["Login failed."]} end end
" Rails and Devise: Override SessionsController discusses the same issue more.