Develop Reference

User exists error on signup ruby on rails acts_as_paranoid

I'm having an error on signup. Console indicated its an error "User exists" however i think its a problem with acts_as_paranoid conflicting with devise gem. Can you please help?
Gem - Device & ActsAsParanoid
It was working fine until i added acts_as_paranoid gem
Console response:
Started POST "/users" for 127.0.0.1 at 2018-09-18 20:25:17 +1000
Processing by Users::RegistrationsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"WBPVa4QVwzij/j1H+6uOMNURddc2CQX/YJJ+pIKXi3mRwa4aIgOcYbwQKsPGO5sjFYUlC89lH1mn7SpmkYZ1qw==", "user"=>{"first_name"=>"Ben", "last_name"=>"Strachan", "email"=>"ben#ownerhealth.com.au", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}}
(0.2ms) BEGIN
User Exists (0.8ms) SELECT 1 AS one FROM "users" WHERE "users"."email" = $1 AND "users"."deleted_at" IS NULL LIMIT $2 [["email", "ben#ownerhealth.com.au"], ["LIMIT", 1]]
(0.2ms) ROLLBACK
Rendering devise/registrations/new.html.erb within layouts/auth
Rendered devise/shared/_links.html.erb (0.6ms)
Rendered devise/registrations/new.html.erb within layouts/auth (7.5ms)
(0.3ms) BEGIN
User Exists (0.5ms) SELECT 1 AS one FROM "users" WHERE "users"."email" = $1 AND "users"."deleted_at" IS NULL LIMIT $2 [["email", "ben#ownerhealth.com.au"], ["LIMIT", 1]]
(0.2ms) ROLLBACK
Completed 200 OK in 198ms (Views: 32.5ms | ActiveRecord: 2.2ms)
User model:
# == Schema Information
#
# Table name: users
#
# id :bigint(8) not null, primary key
# email :string default(""), not null
# encrypted_password :string default(""), not null
# reset_password_token :string
# reset_password_sent_at :datetime
# remember_created_at :datetime
# sign_in_count :integer default(0), not null
# current_sign_in_at :datetime
# last_sign_in_at :datetime
# current_sign_in_ip :string
# last_sign_in_ip :string
# created_at :datetime not null
# updated_at :datetime not null
# first_name :string
# last_name :string
# role :string
# invitation_token :string
# invitation_created_at :datetime
# invitation_sent_at :datetime
# invitation_accepted_at :datetime
# invitation_limit :integer
# invited_by_type :string
# invited_by_id :integer
# invitations_count :integer default(0)
# avatar_file_name :string
# avatar_content_type :string
# avatar_file_size :integer
# avatar_updated_at :datetime
# business_id :integer
# author_id :integer
# deleted_at :datetime
#
class User < ApplicationRecord
acts_as_paranoid
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
ROLES = [
ROLE_ADMIN = "Admin",
ROLE_REGULAR = "Regular"
]
devise :invitable, :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
validates :first_name, presence: true, length: { maximum: 50 }
validates :last_name, presence: true, length: { maximum: 50 }
validates :role, inclusion: ROLES, presence: true
has_attached_file :avatar, styles: { medium: "450x450>" },
default_url: -> (attachment) {
ActionController::Base.helpers.asset_path(
'default-avatar.png'
)
}
validates_attachment_content_type :avatar, content_type: /\Aimage\/.*\z/
before_validation :set_role
belongs_to :business, optional: true
def full_name
[first_name, last_name].join(" ")
end
def admin?
self.role == ROLE_ADMIN
end
private
def set_role
self.role = ROLE_REGULAR if self.role.blank?
end
end
Registration controller:
class Users::RegistrationsController < Devise::RegistrationsController
layout 'auth'
# before_action :configure_sign_up_params, only: [:create]
# before_action :configure_account_update_params, only: [:update]
# GET /resource/sign_up
# def new
# super
# end
# POST /resource
def create
super
if resource.save
business = Business.create first_name: resource.first_name,
last_name: resource.first_name,
email: resource.email
resource.update business_id: business.id
end
end
Schema:
create_table "users", force: :cascade do |t|
t.string "email", default: "", null: false
t.string "encrypted_password", default: "", null: false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
t.integer "sign_in_count", default: 0, null: false
t.datetime "current_sign_in_at"
t.datetime "last_sign_in_at"
t.string "current_sign_in_ip"
t.string "last_sign_in_ip"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "first_name"
t.string "last_name"
t.string "role"
t.string "invitation_token"
t.datetime "invitation_created_at"
t.datetime "invitation_sent_at"
t.datetime "invitation_accepted_at"
t.integer "invitation_limit"
t.string "invited_by_type"
t.integer "invited_by_id"
t.integer "invitations_count", default: 0
t.string "avatar_file_name"
t.string "avatar_content_type"
t.integer "avatar_file_size"
t.datetime "avatar_updated_at"
t.integer "business_id"
t.integer "author_id"
t.datetime "deleted_at"
t.index ["deleted_at"], name: "index_users_on_deleted_at"
t.index ["email"], name: "index_users_on_email", unique: true
t.index ["invitation_token"], name: "index_users_on_invitation_token", unique: true
t.index ["invitations_count"], name: "index_users_on_invitations_count"
t.index ["invited_by_id"], name: "index_users_on_invited_by_id"
t.index ["invited_by_type", "invited_by_id"], name: "index_users_on_invited_by_type_and_invited_by_id"
t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
end

I made an error! The user author_id relationship was wrong. This has fixed.
belongs_to :author, class_name: 'User', foreign_key: 'author_id', optional: true

Devise Gem: Login only with email

My question is really simple, ¿How can I authenticate only with the client's email (I mean no password at all)? I know it's a bad practice but it's one of the client's requirements.
Currently I have acomplished to sign up with no password and when it finishes its registration it redirects to the appropiate page (the views with authenitcation required). The problem is that If I delete cookies and try to sign-in it shows "Incorrect login or password"
Currently what I have so far:
User Model:
class User < ApplicationRecord
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable,
:validatable, :confirmable,:authentication_keys => [:login]
attr_accessor :login
def password_required?
false
end
end
Application_Controller:
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
added_attrs = [:email, :remember_me]
devise_parameter_sanitizer.permit :sign_up, keys: added_attrs
devise_parameter_sanitizer.permit :account_update, keys: added_attrs
devise_parameter_sanitizer.permit :sign_in, keys: added_attrs
end
end
User's Migration:
class DeviseCreateUsers < ActiveRecord::Migration[5.0]
def change
create_table :users do |t|
## Database authenticatable
t.string :email, null: false, default: ""
## Rememberable
t.datetime :remember_created_at
## Trackable
t.integer :sign_in_count, default: 0, null: false
t.datetime :current_sign_in_at
t.datetime :last_sign_in_at
t.string :current_sign_in_ip
t.string :last_sign_in_ip
## Confirmable
t.string :confirmation_token
t.datetime :confirmed_at
t.datetime :confirmation_sent_at
t.string :unconfirmed_email # Only if using reconfirmable
## Lockable
# t.integer :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
# t.string :unlock_token # Only if unlock strategy is :email or :both
# t.datetime :locked_at
t.timestamps null: false
end
add_index :users, :email, unique: true
add_foreign_key :users, :doctores, column: :email, primary_key: :email
# add_index :users, :confirmation_token, unique: true
# add_index :users, :unlock_token, unique: true
end
end
Obviously I alread changed sessions' new view and registration's new view

Have you seen this wiki article? https://github.com/plataformatec/devise/wiki/How-To:-Email-only-sign-up
If the intention here is never to have a password, then take note of the third section - you can override Devise's password_required? and password_match?

Although my answer is very late. This might gem be a good reference for others facing similar issue https://github.com/abevoelker/devise-passwordless

Devise sign-up successful, login unsuccessful

As the title says, I correctly sign-up using the username and password field in devise. However, when I try to login the 'Invalid Email, Login or password' is displayed. The username is stored as seen on the rails console, however, the password isn't encrypted or shown here:
=> #<ActiveRecord::Relation [#<User id: 9, email: "", created_at: "2016-12-01 16:32:20", updated_at: "2016-12-01 16:32:20", username: "benjamin">]>
Application Controller:
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
before_action :authenticate_user!
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
added_attrs = [:username, :email, :password, :password_confirmation, :remember_me]
devise_parameter_sanitizer.permit :sign_up, keys: [:username, :password]
devise_parameter_sanitizer.permit :account_update, keys: [:username, :password]
end
end
User.rb:
class User < ApplicationRecord
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
has_many :stories
validates :username, :presence => true, :uniqueness => { :case_sensitive => false}
validates_format_of :username, with: /^[a-zA-Z0-9_\.]*$/, :multiline => true
attr_accessor :login
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :authentication_keys => {email: true, login: false}
def self.find_for_database_authentication(warden_conditions)
conditions = warden_conditions.dup
if login = conditions.delete(:login)
where(conditions.to_h).where(["lower(username) = :value OR lower(email) = :value", { :value => login.downcase }]).first
elsif conditions.has_key?(:username) || conditions.has_key?(:email)
where(conditions.to_h).first
end
end
def email_required?
false
end
def email_changed?
false
end
end
My DB files are relevant:
class DeviseCreateUsers < ActiveRecord::Migration[5.0]
def change
create_table :users do |t|
## Database authenticatable
t.string :email, null: false, default: ""
t.string :encrypted_password, null: false, default: ""
## Recoverable
t.string :reset_password_token
t.datetime :reset_password_sent_at
## Rememberable
t.datetime :remember_created_at
## Trackable
t.integer :sign_in_count, default: 0, null: false
t.datetime :current_sign_in_at
t.datetime :last_sign_in_at
t.string :current_sign_in_ip
t.string :last_sign_in_ip
## Confirmable
# t.string :confirmation_token
# t.datetime :confirmed_at
# t.datetime :confirmation_sent_at
# t.string :unconfirmed_email # Only if using confirmable
## Lockable
# t.integer :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
# t.string :unlock_token # Only if unlock strategy is :email or :both
# t.datetime :locked_at
t.timestamps null: false
end
add_index :users, :email, unique: true
add_index :users, :reset_password_token, unique: true
# add_index :users, :confirmation_token, unique: true
# add_index :users, :unlock_token, unique: true
end
end
/
class RemoveEmailUniquenessFromUser < ActiveRecord::Migration[5.0]
def change
change_column :users, :email, :string, unique: false
end
end
/
class RemoveIndexFromUsersEmail < ActiveRecord::Migration[5.0]
def change
remove_index :users, :email
end
end
Edit:
I have changed devise params to:
def configure_permitted_parameters
added_attrs = [:username, :email, :password, :password_confirmation, :remember_me]
devise_parameter_sanitizer.permit :sign_in, keys: [:username, :password]
devise_parameter_sanitizer.permit :sign_up, keys: [:username, :password, :password_confirmation]
devise_parameter_sanitizer.permit :account_update, keys: [:username, :password, :password_confirmation]
end
Still having
'invalid, email, login or password'

In here:
def configure_permitted_parameters
added_attrs = [:username, :email, :password, :password_confirmation, :remember_me]
devise_parameter_sanitizer.permit :sign_up, keys: [:username, :password]
devise_parameter_sanitizer.permit :account_update, keys: [:username, :password]
end
You aren't using the added_attrs variable. I'm guessing you need to also permit those fields.

NoMethodError - undefined method `email' for #<ActionDispatch::

Devise 3.5.2, Rails 4.2.3
While logging in, I'm trying to pass a hidden role_id along with the email/password combination. I am allowing the same email to register again, on a different subdomain, which causes a different role_id to be passed. The email+role_id is the unique index for the user.
I can create a user, but cannot log in. When I submit the log in form, I am faced with the following error:
undefined method 'email' for #<ActionDispatch::Request:0x007fa21628bda0>
EDIT:
If anyone can explain the process of changing the email uniqueness validation to email+role_id (not either/or, but and), that's all I need to accomplish. Following that process properly may avoid this error.
Debugging info:
The POST parameters are as follows:
{"utf8"=>"✓",
"authenticity_token"=>"[FILTERED]",
"member"=>{"role_id"=>"1",
"email"=>"some.user#email.com",
"password"=>"[FILTERED]",
"remember_me"=>"0"},
"commit"=>"Log in"}
Here is my Member model:
class Member < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable,
:confirmable, :lockable, :timeoutable, :omniauthable
belongs_to :role
def self.find_for_authentication(warden_conditions)
where(:email => warden_conditions[:email], :role_id => warden_conditions[:role_id]).first
end
end
In config/initializers/devise.rb, the following is set:
config.authentication_keys = [:email, :role_id]
config.request_keys = [:email, :role_id]
My views/devise/sessions/new.html.erb includes:
<%= f.hidden_field :role_id, :value => Role.find_by_name(current_subdomain).id %>
I adjusted vendor/bundle/ruby/1.9.1/gems/devise-3.5.2/lib/devise/models/validatable.rb by changing this line:
validates_uniqueness_of :email, allow_blank: true, if: :email_changed?
to:
validates_uniqueness_of :email, :scope => :role_id, allow_blank: true, if: :email_changed? #using subdomains for validation
The relevant database migrations for the member are found here:
...devise_create_members.rb
class DeviseCreateMembers < ActiveRecord::Migration
def change
create_table(:members) do |t|
## Database authenticatable
t.string :email, null: false, default: ""
t.string :encrypted_password, null: false, default: ""
## Recoverable
t.string :reset_password_token
t.datetime :reset_password_sent_at
## Rememberable
t.datetime :remember_created_at
## Trackable
t.integer :sign_in_count, default: 0, null: false
t.datetime :current_sign_in_at
t.datetime :last_sign_in_at
t.string :current_sign_in_ip
t.string :last_sign_in_ip
## Confirmable
t.string :confirmation_token
t.datetime :confirmed_at
t.datetime :confirmation_sent_at
t.string :unconfirmed_email # Only if using reconfirmable
## Lockable
t.integer :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
t.string :unlock_token # Only if unlock strategy is :email or :both
t.datetime :locked_at
t.timestamps null: false
end
add_index :members, :email, unique: true
add_index :members, :reset_password_token, unique: true
add_index :members, :confirmation_token, unique: true
add_index :members, :unlock_token, unique: true
end
...add_columns_to_member.rb
class AddColumnsToMember < ActiveRecord::Migration
def change
add_reference :members, :contact, index: true
add_reference :members, :role, index: true
add_reference :members, :ownership, index: true
add_column :members, :account_status, :string
end
end
...reindex_members_email_and_role.rb
class ReindexMembersEmailAndRole < ActiveRecord::Migration
def change
add_index :members, [:email, :role_id], :unique => true
end
end
The last item on the trace is:
vendor/bundle/ruby/1.9.1/gems/devise-3.5.2/lib/devise/strategies/authenticatable.rb:152:in `block in request_values'
keys = request_keys.respond_to?(:keys) ? request_keys.keys : request_keys
values = keys.map { |k| self.request.send(k) } <--ERROR THIS LINE
Hash[keys.zip(values)]
end
What am I missing?

To fix this, I changed my config/initializers/devise.rb to reflect the following:
config.request_keys = { role_id: false }
This fixed the issue, but still prevented the same email from signing up with a different role ID. To fix this, I removed :validatable from my User model and added:
validates_uniqueness_of :email, :case_sensitive => false, :scope => :role_id, :allow_blank => true, :if => :email_changed?
validates_format_of :email, :with => Devise.email_regexp, :allow_blank => true, :if => :email_changed?
validates_presence_of :password, :on=>:create
validates_confirmation_of :password, :on=>:create
validates_length_of :password, :within => Devise.password_length, :allow_blank => true
This allows the same email address to sign up with a different role_id.
I also changed the following in authenticatable.rb:
def request_values
keys = request_keys.respond_to?(:keys) ? request_keys.keys : request_keys
values = keys.map { |k| self.request[self.scope][k] }
# values = keys.map { |k| self.request.send(k) }
Hash[keys.zip(values)]
end
UPDATE
I got tired of always having to re-hack the devise library, especially after I updated gems or transferred the app. I found this page that offered a better work-around (still follow the step regarding validations the User model listed above):
(From https://github.com/plataformatec/devise/pull/3965)
Comment out the following line we edited above:
# config.request_keys = { role_id: false }
Edit the config.authentication_keys line as follows:
config.authentication_keys = { email: true, role_id: false }
The issue is that request_keys honors only predefined keys such as :subdomain.
That should work now for creating a combination of custom keys to authenticate with.

Devise error: email can't be blank

(Edit: added development.log logs, "Unpermitted parameters: email")
Devise was working fine but I deleted all users using rails console and tried to make a new user. I get an error that email can't be blank. When I remove the :validatable block I get this error.
I tried to go back to commits but the error exists on all other commits. I am not sure if its something to do with the database.
My project can be found here (I pushed the last commit). I am not sure where the problem is and what I can copy for devise. I have put some code here which may show the problem.
I was able to create a user through rails console using:
u = User.new(:email => "user#name.com", :username => "test", :password => 'password', :password_confirmation => 'password')
u.save
Logs when trying to signup:
Processing by Devise::RegistrationsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"WQkgKxF8rIB1wAq8vnz4Y0bCv9Txlyv0eO8IyEmpEAk=", "user"=>{"email"=>"user#example.com", "username"=>"test", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Sign up"}
Unpermitted parameters: email
User.rb
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable, :omniauthable,
:recoverable, :rememberable, :trackable, :validatable
attr_accessible :provide, :uid, :name, :email, :password, :password_confirmation, :remember_me, :username
validates_presence_of :username
has_many :posts
def self.from_omniauth(auth)
where(auth.slice(:provider, :uid)).first_or_create do |user|
user.provider = auth.provider
user.uid = auth.uid
user.username = auth.info.nickname
end
end
def self.new_with_session(params, session)
if session["devise.user_attributes"]
new(session["devise.user_attributes"], without_protection: true) do |user|
user.attributes = params
user.valid?
end
else
super
end
end
def password_required?
super && provider.blank?
end
def update_with_password(params, *options)
if encrypted_password.blank?
update_attributes(params, *options)
else
super
end
end
end
schema.rb
ActiveRecord::Schema.define(:version => 20131118165834) do
create_table "photo_posts", :force => true do |t|
t.string "image_file_name"
t.string "image_content_type"
t.integer "image_file_size"
t.datetime "image_updated_at"
end
create_table "posts", :force => true do |t|
t.integer "user_id"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "content_type"
t.integer "content_id"
end
add_index "posts", ["content_type", "content_id"], :name => "index_posts_on_content_type_and_content_id"
add_index "posts", ["user_id"], :name => "index_posts_on_user_id"
create_table "title_posts", :force => true do |t|
t.string "body"
end
create_table "users", :force => true do |t|
t.string "email", :default => "", :null => false
t.string "encrypted_password", :default => "", :null => false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
t.integer "sign_in_count", :default => 0, :null => false
t.datetime "current_sign_in_at"
t.datetime "last_sign_in_at"
t.string "current_sign_in_ip"
t.string "last_sign_in_ip"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "username"
t.string "provider"
t.string "uid"
t.string "name"
end
add_index "users", ["email"], :name => "index_users_on_email", :unique => true
add_index "users", ["reset_password_token"], :name => "index_users_on_reset_password_token", :unique => true
end
logs:
Started POST "/users" for 127.0.0.1 at 2013-11-24 00:23:12 +0000
Processing by Devise::RegistrationsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"awAC+Cn3qQgv2kMwZOlH8Zo60BuV4T41OnKjgvKeytE=", "user"=>{"email"=>"user#example.com", "username"=>"stttt", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Sign up"}
Unpermitted parameters: email
[1m[36m (0.0ms)[0m [1mbegin transaction[0m
[1m[35m (0.0ms)[0m rollback transaction
Rendered devise/shared/_links.erb (1.0ms)
Rendered devise/registrations/new.html.erb within layouts/application (15.0ms)
Rendered layouts/_header.html.erb (4.0ms)
Rendered layouts/_footer.html.erb (0.0ms)
Completed 200 OK in 178.0ms (Views: 72.0ms | ActiveRecord: 0.0ms)

Found what the error is. I use strong parameters and that causes an error. More at https://github.com/plataformatec/devise#strong-parameters
So the solution is to add this into your application_controller.rb
# Rails 3.x.x and older
before_filter :configure_permitted_parameters, if: :devise_controller?
# Rails 4.x.x and newer
before_action :configure_permitted_parameters, if: :devise_controller?
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :password, :password_confirmation) }
end
Keep in mind to configure for each action like :sign_in, :sign_up, :account_update etc.

The above answer is different for Devise 4 and Rails 5 now.
According to the documentation:
The Parameter Sanitaizer API has changed for Devise 4
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:username])
end
end
Rails 5, Undefined method `for' for #<Devise on line devise_parameter_sanitizer.for