I keep throwing this error while customizing Devise. Everything seems up to date and I checked the syntax. I am running Devise 4.1 and Rails 4.2.6. Any help would be greatly appreciated.
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise parameter_sanitizer.permit(:account_update) do |user_params| user_params.permit(:email,
:password, :password_confirmation, :current_password, :title, :description,
:itunes, :stitcher, :podbay)
end
end
can you try devise_permitted_parameters instead of desive permitted_parameters, like this ->
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:account_update) do |user_params|
user_params.permit(:email, :password, :password_confirmation, :current_password, :title, :description, :itunes, :stitcher, :podbay)
end #I think you also missed this 'end'
end
Please let me know if worked?
I tinkered and this is what worked for me:
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:email, :password, :title])
devise_parameter_sanitizer.permit(:account_update, keys: [:email, :password,
:password_confirmation, :current_password, :title, :description, :itunes, :stitcher, :podbay])
end
Related
I am trying to add some additional fields to my edit user section. In the application controller i have been looking at the strong parameters. It worked when i just had the additional name field but now i am adding extra fields it is throwing the following error at me and i am not quite sure what i need to amend here to resolve this.
/application_controller.rb:12: syntax error, unexpected ',', expecting keyword_end ....for(:account_update) << :name, :line1, :line2, :town, :coun... ... ^
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_filter :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :name
devise_parameter_sanitizer.for(:account_update) << :name, :line1, :line2, :town, :county, :postcode
end
end
Try like this :
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:name) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(name, :line1, :line2, :town, :county, :postcode)}
end
I want to change parameter before it saves in model object in create action of Devise registrations_controller
class RegistrationsController < Devise::RegistrationsController
before_filter :configure_permitted_parameters
def create
phone = params[:user][:phone]
replacements = [ [' ', ''], ['-', ''], ['(', ''], [')', ''], ['+', ''] ]
params[:user][:phone] = replacements.each { |replacement| phone.gsub!(replacement[0], replacement[1]) }
super
end
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) do |u|
u.permit(:name, :surname, :patronymic, :username, :phone, :email, :password, :password_confirmation)
end
devise_parameter_sanitizer.for(:account_update) do |u|
u.permit(:name, :surname, :patronymic, :username, :phone, :email, :password, :password_confirmation, :current_password)
end
end
end
The problem is I can't change params[:user][:phone] because it unpermitted: Unpermitted parameters: phone. How can I change it after I get params? Thanks!
These aren't permitted because of Rails Strong Parameters. See the 'Strong Parameters' section in the Devise Github page.
Long story short, something like this should be placed into your ApplicationController, not the Devise controllers:
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :phone
end
end
My registrations are working properly, I have 3 custom fields: name, avatar, avatar_cache.
Only the :name custom field is giving me a:
Unpermitted parameters: name in console.
I already sanitized strong parameters in Application Controller and the avatar / avatar_cache are saving correctly. Am I missing something?
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:name, :avatar, :avatar_cache, :email, :password, :password_confirmation) }
end
def configure_permitted_parameters
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:name, :avatar, :avatar_cache, :email, :password, :current_password, :password_confirmation) }
end
Currently, you have redefined the method configure_permitted_parameters, which is why Ruby is picking the latest method definition i.e., the one which whitelists attributes for account_update. So, when you try to sign_up with custom attribute name, you would receive
Unpermitted parameters: name warning
as because of the overwriting the method configure_permitted_parameters, devise has no idea about the custom attributes that should have been whitelisted for sign_up
Your configure_permitted_parameters method should look like:
class ApplicationController < ActionController::Base
before_filter :configure_permitted_parameters, if: :devise_controller?
## ...
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:name, :avatar, :avatar_cache, :email, :password, :password_confirmation) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:name, :avatar, :avatar_cache, :email, :password, :current_password, :password_confirmation) }
end
end
Here is what I tried,
rails g migration add_username_to_hrs
bundle exec rake db:migrate
added the attr_accessible:username
restarted the server
My add_username_to_hr.rb
class AddUsernameToAuthorize < ActiveRecord::Migration
def change
add_column :authorizes, :username, :string
end
end
Error
undefined method `username' for #
Question: How can I add a username field in my devise gem?
Answer is now outdated [ Valid for rails4 ]
I have done the same. Please follow these steps:
rails generate migration add_username_to_users username:string:uniq
rake db:migrate
add attr_accessible :username
in application_controller.rb:
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :password, :password_confirmation, :remember_me) }
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:login, :username, :email, :password, :remember_me) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:username, :email, :password, :password_confirmation, :current_password) }
end
in config/initializers if you want to replace email by usernname
config.authentication_keys = [ :username ]
config.case_insensitive_keys = [ :username ]
config.strip_whitespace_keys = [ :username ]
update the views.
Note if attr_accessible :usernamegives error try attr_accessor :username
If you are using rails 4 then put below code in application controller
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :username
end
end
If you are using rails 4 then follow this steps:
rails g migration AddUserNameToAuthorize
rake db:migrate
put this code in application_controller.rb to accept username parameter for sign_in, sign_up and also for account_update:
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:email, :password,:username) }
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation,:username) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:email, :password, :password_confirmation,:username) }
end
end
Devise actually add the field to model which you specified during devise setup. If You have add migration to that model. For example, you have used devise for user model, then you can generate migration for adding the username to user model and run the db:migrate and add the attr_accessible :username to model, if you are using rails < 4
You have to add username in the model which you had given in below command
rails g devise <modelname>
Once you are done then you need to follow your above steps but need to modify devise configuration file to look for username for login instead of email. Then restart rails server and it should be fine.
source = https://github.com/heartcombo/devise
add username to your usermodel
db:migrate
and then past following in your ApplicationController:
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:username])
end
end
also this in your devise/registration/new.html.erb into the
<%= f.input :username,
required: true,
autofocus: true,
input_html: { autocomplete: "username" }%>
and you're good to go
I'm using the release candidate of Devise 3 so that I can use it with Rails 4. In Rails 3.2 I used to be able to add a custom field to my User model by simply adding that field to the registration/edit.html.erb and registration/new.html.erb files (after running the proper migration). Then I'd just add that field to the attr_accessible list of fields in the model.
However, in Rails 4, there is no attr_accessible list and I can't simply add fields in the views. How do I add custom User fields?
Adding
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:username, :email) }
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :password, :password_confirmation) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:username, :email, :password, :password_confirmation, :current_password) }
end
To applicationcontroller worked for me.
I was told to look in the main README on the github page and there it was. Easy.
class ApplicationController < ActionController::Base
before_filter :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :username
end
end
In case you want to permit additional parameters you can do with a simple before filter in your
ApplicationController:
class ApplicationController < ActionController::Base
before_filter :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :username
end
end
You need to enable Strong Parameters for devise instead of attr_accessible for doing that you need to create new initializer like:
DeviseController.class_eval do
def resource_params
unless params[resource_name].blank?
params.require(resource_name).permit(:email, :password, :password_confirmation, :remember_me)
end
end
end
Make sure that you cloned gem from rails4 branch(plataformatec/devise).
Remove attr_accesible from model