Integrating Stripe in Rails app - ruby-on-rails

I am trying to create a custom form with stripe, and while it all appears to be submitting, when I check my dashboard in Stripe, although I do see a record of the transaction - I do not see the amount or any reference to the cc coming through. With that said, I am not quite sure what I SHOULD be seeing in the dashboard. But I am pretty sure I am doing something wrong. Here is the code to my form:
<div class="container">
<div class="row Row one">
<div class="col-sm-12 col-md-10">
<%= form_for #project, url: project_charges_path, :html => {:id => "payment-form"}, method: 'post' do |f| %>
<%= f.hidden_field :user_id, :value => current_user.id %>
<%= f.hidden_field :#project_id, :value => #project.id %>
<div class= "field">
<%= label_tag :card_number, "Credit Card Number" %><br>
<%= text_field_tag :card_number, nil, name: nil %><br>
</div>
<div class= "field">
<%= label_tag :card_code, "Security Code (cvc)" %><br>
<%= text_field_tag :card_code, nil, name: nil %><br>
</div>
<div class= "field">
<%= label_tag :card_month, "Expiration" %>
<%= select_month nil, {add_month_numbers: true}, {name: nil, id: "card_month"} %>
<%= select_year nil, {start_year: Date.today.year, end_year: Date.today.year+15}, {name: nil, id: "card_year"}%>
</div>
<div class= "actions">
<%= f.submit("Submit") %>
</div>
<div id="stipe-error">
<%= flash[:error] %>
</div>
<% end %>
</div>
</div>
<!-- <div class="row"></div> -->
and here is my charges controller:
class ChargesController < ApplicationController
def new
#project = Project.find(params[:project_id])
end
def create
#project = Project.find(params[:project_id])
binding.pry
# Amount in cents, this is being read and recorded in stripe dashboard
#amount = 500
customer = Stripe::Customer.create(
:email => 'helloWorld#stripe.com',
:card => params[:stripeToken]
)
charge = Stripe::Charge.create(
:customer => customer.id,
:amount => #amount,
:description => 'Rails Stripe customer',
:currency => 'usd'
)
#payment = Payment.create({
user_id: current_user.id,
project_id: #project,
amount: #amount
})
#payment.save
rescue Stripe::CardError => e
flash[:error] = e.message
end
# private
# def charges_params
# params.require(:payment).permit(:comments, :user_id, :project_id)
# end
end
Per a tutorial I have also included some javascript in my application.js:
$('#payment-form').submit(function(event) {
var $form = $(this);
alert('you clicked submit');
// Disable the submit button to prevent repeated clicks
$form.find('button').prop('disabled', true);
Stripe.card.createToken($form, stripeResponseHandler);
// Prevent the form from submitting with the default action
return false;
});
function stripeResponseHandler(status, response) {
var $form = $('#payment-form');
if (response.error) {
// Show the errors on the form
$form.find('.payment-errors').text(response.error.message);
$form.find('button').prop('disabled', false);
} else {
// response contains id and card, which contains additional card details
var token = response.id;
// Insert the token into the form so it gets submitted to the server
$form.append($('<input type="hidden" name="stripeToken" />').val(token));
// and submit
$form.get(0).submit();
}
}
Inside the striped dashboard I see:
the email comes through, but nothing concerning the amount or card. I don't expect to see the card number persay, but some reference to it, maybe just the type, or last four digits? Also in the front page of the dashboard (the area what gives a graph, I think I should be seeing the sum of the payments, even test payments, and the sum is still $0 despite having made over a dozen test payments of $5 each.
What am I missing here?
Also most of the tutorials I have come across are either really old, or PHP, which I am not familiar with. If anybody can recommend a great resource, that would really be helpful as well. I plan to use stripe for multiple projects, and would really like to UNDERSTAND it...

I might be very late in replying and you must have already done this but just in case this might help some else. I have just integrated stripe in my app. I am not sure what you are asking but i think a working example might help. This is very similar to what you have done and i can't find what's going wrong.
What i'm doing is saving customer_id returned by stripe in my user table. When the user saves the credit card, a certain amount according to the subscription plan is deducted. You will see the customer_id in your plan details under the subscribers in the dashboard. Also, in the customers, When you refer that customer_id, you'll see what plan he's subscribed to.
View: (creditcard.html.erb)
<div class="row">
<% if flash[:error].present? %>
<div class="col-lg-12 alert alert-danger">
<%= flash[:error] %>
</div>
<% else %>
<div class="col-lg-12" id = "payment-errors">
<span class="payment-errors"></span>
</div>
<% end %>
</div>
<div>
<%= form_tag plans_billings_chargecreditcard_path, id: "payment-form" do%>
<div class="row">
<div class="col-lg-3">
<div class="form-group">
<label>Card Number</label>
<%= text_field_tag nil, nil, size: 20, "data-stripe": "number", class: "form-control" %>
</div>
</div>
<div class="col-lg-2">
<div class="form-group">
<label>CVC</label>
<%= text_field_tag nil, nil, size: 4, "data-stripe": "cvc", class: "form-control" %>
</div>
</div>
</div>
<div class="row">
<div class="col-lg-12">
<div class="form-group">
<label>Expiration Date(MM/YY)</label>
<select class="selectpicker set-width" data-live-search="true" data-stripe = "exp_month">
<option>- Month -</option>
<option>1</option>
<option>2</option>
<option>3</option>
<option>4</option>
<option>5</option>
<option>6</option>
<option>7</option>
<option>8</option>
<option>9</option>
<option>10</option>
<option>11</option>
<option>12</option>
</select>
<select class="selectpicker set-width" data-live-search="true" data-stripe = "exp_year"> <!-- form-control input-lg -->
<option>- Year -</option>
<option>16</option>
<option>17</option>
<option>18</option>
<option>19</option>
<option>20</option>
<option>21</option>
<option>22</option>
<option>23</option>
<option>24</option>
<option>25</option>
<option>26</option>
</select>
</div>
</div>
</div>
<div class="row">
<div class="col-lg-12">
<div class="form-group">
<%= submit_tag "Save Card", class: "btn btn-primary" %>
</div>
</div>
</div>
<% end %>
</div>
CofeeScript: (plan_billings.coffee)
stripeResponseHandler = (status, response) ->
# Grab the form:
$form = $('#payment-form')
if response.error
# Problem!
# Show the errors on the form:
$('#payment-errors').addClass 'alert'
$('#payment-errors').addClass 'alert-danger'
$('.payment-errors').text response.error.message
$('.submit').prop 'disabled', false
# Re-enable submission
else
# Token was created!
# Get the token ID:
token = response.id
# Insert the token ID into the form so it gets submitted to the server:
$form.append $('<input type="hidden" name="stripeToken">').val(token)
# Submit the form:
$form.get(0).submit()
return
$ ->
$form = $('#payment-form')
$form.submit (event) ->
# Disable the submit button to prevent repeated clicks:
$form.find('.submit').prop 'disabled', true
# Request a token from Stripe:
Stripe.card.createToken $form, stripeResponseHandler
# Prevent the form from being submitted:
false
return
Controller: (in PlanBilling controller, chargecreditcard action)
#plan_and_billing = current_user.plan_billing
#current_plan = DataPlan.find_by(id: #plan_and_billing.data_plan_id)
token = params[:stripeToken]
if current_user.customer_id.present?
customer = Stripe::Customer.retrieve(current_user.customer_id)
customer.sources.create(source: token)
redirect_to plans_billings_planbilling_path
else
customer = Stripe::Customer.create( :source => token, plan: YOUR_PLAN_ID_YOU_HAVE_INYOUR__DASHBOARD )
#credit_card = current_user.update(customer_id: customer.id)
redirect_to plans_billings_planbilling_path
end
rescue Stripe::CardError => e
flash[:error] = e.message
redirect_to plans_billings_creditcard_path
What's happening in controller is that when a user has no card and he saves the card details, the card is saved and the Price of the plan you have mentioned is deducted. And if he already has a credit card saved, and saving another one, the card will only be saved as you'll see in his details in the dashboard. The new card will not be charged. Its just for saving new credit card to that customer.
I still have a long way to go in this, and of course this might not be a very good code, but this is just very basic thing you might find helpful. In case someone tries it out and faces some prob, i'll be glad to help. Also, I'll be grateful if someone can guide me to make this code better. Cheers :)

Related

Form not working on Access Denied redirection in Rails 4

I'm working on a Rails 4 web application, using Devise and CanCanCan.
When a user first signs up to create an account, they are redirected to a subscription page where they enter in credit card details, etc.
User Creation -> Subscription Creation = Form works
This is working absolutely perfectly and once they enter in their subscription information, a permission change is made on their account and they can then access a new part of the site. All good.
Now the issue I am having is, if a user signs up, then tries to access this new part of the site without subscribing, I redirect them to the subscription page. However when I do this, the form just doesn't work. They hit submit and nothing happens.
User Creation -> Tries to access resource, gets redirected to
Subscription Creation = Form doesn't work
Here is the code I am using to perform the redirection:
application_controller.rb
def access_denied(exception)
redirect_to(new_subscription_path, alert: exception.message + " Please subscribe.")
end
The strange thing is that I am using the exact same code to redirect when they first create a user account. This is shown here:
registrations_controller.rb
def after_sign_up_path_for(resource)
new_subscription_path
end
Here is the code for the subscription controller:
class SubscriptionsController < ApplicationController
before_filter :authenticate_user!
def new
#subscription = Subscription.new
end
def create
#subscription = Subscription.new(subscription_params)
#user = current_user
#subscription.user_id = current_user.id
if #subscription.save_with_payment
redirect_to success_path, :notice => "Thank you for subscribing!"
if current_user.role = "guest"
User.update(current_user.id, role: "read")
end
UserMailer.subscription_welcome_email(#user).deliver
else
render :new
end
end
def show
#subscription = Subscription.find(params[:id])
end
def destroy
#subscription = Subscription.find_by(user_id: current_user.id)
User.update(current_user.id, role: "guest")
unless #subscription.stripe_customer_id.nil?
customer = Stripe::Customer.retrieve(#subscription.stripe_customer_id)
customer.subscriptions.retrieve(customer.subscriptions.first.id).delete
end
#user = current_user
UserMailer.subscription_destroy_email(#user).deliver
#subscription.destroy
rescue Stripe::StripeError => e
logger.error "Stripe Error: " + e.message
errors.add :base, "Unable to cancel your subscription. #{e.message}."
false
end
def subscription_params
params.require(:subscription).permit(:stripe_card_token, :last_4_digits, :plan, :expiry_month, :expiry_year)
end
end
Form code:
<div class='panel panel-default'>
<div class='panel-heading'>
<h2>Subscribe</h2>
</div>
<div class='panel-body'>
<%= semantic_form_for #subscription, :html => {:class => 'main-form'} do |f| %>
<font color=red><b><%= f.semantic_errors *f.object.errors.keys %></b></font>
<%= f.hidden_field :stripe_card_token %>
<div id='stripe_error' class="alert alert-info" style='display:none'>
</div>
<span class="help-block">Nothing is billed to your card for 7 days. <b>Guaranteed. </b>
<br>If you choose to continue after 7 days, only then will you be billed.</span>
<div class='form-group'>
<%= label_tag :card_number, "Credit Card Number" %><%= image_tag "welcome/checkout/amex.png", alt: "American Express", class: "credit-card-image" %><%= image_tag "welcome/checkout/mastercard.png", alt: "Mastercard", class: "credit-card-image" %><%= image_tag "welcome/checkout/visa.png", alt: "Visa", class: "credit-card-image" %>
<%= text_field_tag :card_number, nil, name: nil, class: 'form-control input-box', :placeholder => 'Credit Card Number' %>
</div>
<div class='row'>
<div class="col-xs-6">
<%= label_tag :card_code, "Security Code on Card (CVC)" %><%= image_tag "welcome/checkout/credit.png", alt: "Credit Card Image", class: "credit-card-image" %>
<%= text_field_tag :card_code, nil, name: nil, class: 'form-control input-box', :placeholder => 'Security Code on Card (CVC)' %>
</div>
<div class="col-xs-6">
<%= label_tag :card_month, "Card Expiration" %><br>
<%= select_month nil, {add_month_numbers: true}, {name: nil, id: "card_month", class: 'expiration'} %>
<%= select_year nil, {start_year: Date.today.year+1, end_year: Date.today.year+15}, {name: nil, id: "card_year", class: 'expiration'} %>
</div>
</div>
</div>
<div id="stripe_error">
<noscript>JavaScript is not enabled and is required for this form. First enable it in your web browser settings.</noscript>
</div>
<div>
<%= f.submit "Subscribe", class: 'btn standard-button' %>
</div>
<% end %>
</div>
</div>
Can anyone assist? Let me know if any extra code is required. Thanks
EDIT: Just to make things weird, this error is only happening when I hit a link in my navigation that is new_subscription_path .. the access denied works fine if I type in manually the URL of the permissioned resource. Could there be something wrong with the path I am using in the header? Do I need to pass something specific into it? I've also tried to check if it was JavaScript by adding in a console log, but nothing comes through, so I don't think this is an issue, despite it feeling like a JS issue.
You should check you javascript. Clearly it blocks form from submission. I've looked at your previous question here and it looks like your handleStripeResponse handler always goes into else condition block not submitting form as the result. My bet is that $('meta[name="stripe-key"]').attr('content') is undefined after your redirection.
Disabled Turbolinks solved this problem

Stripe withdrawal action in rails marketplace app

I'm new to rails. I'm trying to create a rails marketplace where sellers can cash out their acquired funds from sales on the site.
I'm confused how to configure my withdrawal form and my orders controller.
When I simply just go to localhost:3000/withdrawal, a Stripe Recipient with just name is created on my Stripe dashboard without even completing the form. My form is nonexistent because everything I've tried for form_for generates an error.
I want the user to input their info and then choose to submit it, not create the recipient when "cash out" (which leads to the withdrawal path) is clicked.
The stripe documentation is helpful, but I'm not sure how to create my form.
Here is my withdrawal action in my orders controller. I'm wondering if I need a new action within withdrawal? But not sure if that's possible?
def withdrawal
Stripe.api_key = ENV["STRIPE_API_KEY"]
token = params[:stripeToken]
recipient = Stripe::Recipient.create(
:name => current_user.full_name,
:type => "individual",
:bank_account => token
)
transfer = Stripe::Transfer.create(
:amount => (#funds).floor,
:currency => "usd",
:recipient => #seller.recipient
)
end
And my withdrawal.html.erb. I know I am missing a form tag and submit, but everything I've tried just processes an error. I don't know what form_for to call. I've tried "order" but it results in an error.
<div class="text-center">
<h1>Bank Account Information</h1>
<div class="form-group">
<%= label_tag :name %>
<%= text_field_tag :name, nil, { :name => nil, :'data-stripe' => "name", class: "form-control" } %>
</div>
<div class="form-group">
<%= label_tag :withdrawal_amount %>
<%= text_field_tag :withdrawal_amount, nil, { :name => nil, :'data-stripe' => "amount", class: "form-control" } %>
</div>
<div class="form-group">
<%= label_tag :routing_number %>
<%= text_field_tag :routing_number, nil, { :name => nil, :'data-stripe' => "routingNumber", class: "form-control" } %>
</div>
<div class="form-group">
<%= label_tag :account_number %>
<%= text_field_tag :account_number, nil, { :name => nil, :'data-stripe' => "accountNumber", class: "form-control" } %>
</div>
I'd appreciate any guidance on how to create this "cash out" action. Thanks.
form_for is for model objects. If you're not using a model object, or don't want/need Rails to infer things from the model object, don't use form_for.
For simple forms, instead use one of:
form_tag - Same syntax as form_for but without the model-related magic.
A plain old <FORM> tag. ERB templates are, after all, just HTML with Ruby mixed in.
Your view should look something like the following:
<%= form_tag withdrawl_path, method: :post do %>
<input type="text" name="card[number]" />
<!-- whatever fields you need for form -->
<% end %>
You will be able to access the submitted params via params[:card][:param_name] or use strong params and only permit params you need.
Use custom routes
get "/form" => "controller_name#action_for_form", as: :action_for_form
post "/withdrawl" => "controller_name#withdrawl", as: :withdrawl
Controller:
def action_for_form
# whatever code you need to setup form
#seller = Seller.find(params[:seller_id])
end
def withdrawl
# withdrawl code here
end
private
def card_params
params[:card].permit(:card_token, :other_params)
end
Its worth taking the time to understand the form tag and using Rails outside of the Railsy way of form submissions. It can get messy, but it allows for much more flexibility.

Sending POST request in Rails

How would I go about sending an HTTP POST request in the following format in a Rails setup:
curl https://api.venmo.com/v1/payments -d access_token=4e4sw1111111111t8an8dektggtcbb45 -d email="someemail#gmail.com" -d amount=5 -d note="Delivery."
I'd like to have users input the email/amount/note parameters into a form on a webpage, then pass that data (when the user clicks the submit button) into a Controller where the access_token parameter is stored to then fire off the POST request.
So far I've tried setting up the Controller with this method (and calling it from the view html.erb):
def make_payment
if !params[:access_token].nil?
form_data = {
"email" => #email_to,
"amount" => #amount_to,
"note" => #note_to,
"access_token" => :access_token
}
url = "https://api.venmo.com/v1/payments"
request = Net::HTTP::Post.new(url, form_data)
response = http.request(request)
end
end
Here's my current view setup:
<div class="box box-warning">
<div class="box-header">
<h3 class="box-title">Pay Bill using Venmo Account</h3>
<div id="payment_note_input">
<input id="payment_note" type="text" class="form-control" required placeholder="add a note to your payment">
</div>
<div id="payment_target_input" >
<input id="payment_target" type="text" class="form-control" required placeholder="pay an email address">
</div>
<div id="payment_amount_input">
<input id="payment_amount" type="text" class="form-control" required placeholder="enter the payment amount! ">
</div>
</br>
<button class="btn btn-danger" type="button" onClick= <%=make_payment%> > Make payment</button>
</div>
I feel like I'm close to a solution here...
You can use httpparty gem to achieve that, its easy to use in only 1 line:
response = HTTParty.post("https://example.com?param1=value1",
:body => {:text => data}.to_json,
:headers => {'Content-Type' => 'application/json'}
)
You can remove Body and Header if you don't have specific Body or Header,
and if you want to achieve Get request its even easier:
responce = HTTParty.get('http://example.com.json')
json=JSON.parse(responce.body) # in case you expect json responce
You need to use a form in order to generate a POST request from the web page. Rails provides you with Form helpers that would help you achieve this.
<div class="box box-warning">
<div class="box-header">
<%= form_tag make_payment_path do %>
<%= hidden_field_tag "access_token", #access_token %>
<h3 class="box-title">Pay Bill using Venmo Account</h3>
<div id="payment_note_input">
<%= text_field_tag "payment_note", nil, class: "form-control", placeholder: "add a note to your payment" %>
</div>
<div id="payment_target_input" >
<%= text_field_tag "payment_target", nil, class: "form-control", placeholder: "pay an email address" %>
</div>
<div id="payment_amount_input">
<%= text_field_tag "payment_amount",nil, class:"form-control", placeholder: "enter the payment amount! ">
</div>
</br>
<%= sumbit_tag "Make payment", class:"btn btn-danger" %>
<% end %>
</div>
And then you can access the form variables in your controller by...
def make_payment
access_token = params[:access_token]
note = params[:payment_note]
target = params[:payment_target]
...
end

Stripe token not carrying over to controller rails 4

The Issue
I've tested the CoffeeScript and the form makes the call to Stripe, sets the hidden field with the proper response token and submits the form. My issue is that once its submitted the controller doesn't seem to grab the token properly and throws this error: Stripe::InvalidRequestError - You must supply either a card or a customer id.
Next I tired taking the token that was generated and hard coded it into the controller to see if that would work. I submitted the form, that worked and payment was received on Stripes end. I'm pretty much out of ideas on what to try next. I'm wondering if I am forgetting something or missing something since payments is nested under assignments.
Gem Versions
Ruby: 2.1.0
Rails: 4.0.1
Stripe: 1.9.9
Files
/payment/new.html.erb
<%= form_for([#assignment, #payment]) do |f| %>
<% if #payment.errors.any? %>
<div class="error_messages">
<h2><%= pluralize(#payment.errors.count, "error") %> prohibited this subscription from being saved:</h2>
<ul>
<% #payment.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</ul>
</div>
<% end %>
<%= f.hidden_field :stripe_customer_token %>
<% if #payment.stripe_customer_token.present? %>
<p>This assignment has already been paid for.</p>
<% else %>
<div class="field">
<%= label_tag :card_number, "Credit Card Number" %>
<%= text_field_tag :card_number, nil, name: nil, placeholder: "00000000000000" %>
</div>
<div class="row">
<div class="field card__dates">
<%= label_tag :card_month, "Card Expiration" %>
<%= select_month nil, {add_month_numbers: true}, {name: nil, id: "card_month"} %>
<%= select_year nil, {start_year: Date.today.year, end_year: Date.today.year+15}, {name: nil, id: "card_year"} %>
</div>
<div class="field card__cvv">
<%= label_tag :card_code, "CVV" %>
<%= text_field_tag :card_code, nil, name: nil, placeholder: "003", required: true, maxlength: 4, minlength: 3 %>
</div>
</div>
<% end %>
<div id="stripe_error">
<noscript>JavaScript is not enabled and is required for this form. First enable it in your web browser settings.</noscript>
</div>
<div class="actions">
<%= f.submit "Pay " + number_to_currency(#assignment.price.to_s), class: 'btn btn__primary btn__large btn--fill' %>
</div>
payment_controller.rb
class PaymentsController < ApplicationController
def new
set_assignment
#payment = #assignment.build_payment
#price = #assignment.price
end
def create
set_assignment
#payment = #assignment.build_payment(payment_params)
if save_with_payment
redirect_to assignments_path, :notice => "Payment received, Thank you!"
# since payment was successful, set assignment paid to true
Assignment.update(#assignment, assignment_paid: true, project_status: "In Progress")
else
render :new
end
end
private
def save_with_payment
# Set your secret key: remember to change this to your live secret key in production
# See your keys here https://manage.stripe.com/account
Stripe.api_key = Rails.configuration.stripe[:secret_key]
# Get the credit card details submitted by the form
token = params[:stripe_customer_token]
# How much the assignment costs, which must be converted to cents
#amount = (#price * 100)
# Create the charge on Stripe's servers - this will charge the user's card
begin
charge = Stripe::Charge.create(
:amount => #amount,
:currency => "cad",
:card => token,
:description => "some description of the product"
)
rescue Stripe::CardError => e
redirect_to #assignment, :notice => "The card has been declined"
end
end
def set_assignment
#assignment = Assignment.friendly.find(params[:assignment_id])
end
def payment_params
params.require(:payment).permit(
:stripe_customer_token
)
end
end
payment.js.coffee
$ ->
Stripe.setPublishableKey($('meta[name="stripe-key"]').attr('content'))
payment.setupForm()
payment =
setupForm: ->
$('#new_payment').submit ->
$('input[type=submit]').attr('disabled', true)
if $('#card_number').length
payment.processCard()
false
else
true
processCard: ->
card =
number: $('#card_number').val()
cvc: $('#card_code').val()
expMonth: $('#card_month').val()
expYear: $('#card_year').val()
Stripe.createToken(card, payment.handleStripeResponse)
handleStripeResponse: (status, response) ->
if status == 200
console.log response
$('#payment_stripe_customer_token').val(response.id)
$('#new_payment')[0].submit()
else
$('#stripe_error').text(response.error.message)
$('input[type=submit]').attr('disabled', false)
payment.rb
class Payment < ActiveRecord::Base
belongs_to :assignment
end
At least two problems as I saw. And I guess there may be more after progressing.
You don't have access to params within #save_with_payment
The problem happens in this line:
# Get the credit card details submitted by the form
token = params[:stripe_customer_token]
The params is protected by strong_params and you don't have access to it.
The fix is to permit all of the needed params in payment_params and reuse it within this method.
Actually you don't have #price within #create
This problem does not relate to the question directly but it exists.
This instance variable #price is in #new. And #create is another instance so you can't have it again.
The fix is to get it from payment_params

Use devise password to restrict method in a controller

I am trying to restrict some of my user's action with their user account password.
I have a transfer controller, and users can transfer money using the create method in the transfer controller.
I would like to require the password everytime the user click on the transfer button to validate the transfer but I could not find anything related to that on the web.
I want to add a password field to the views and process the transfer only if the password is the user account password.
I am using devise for managing my users account.
How could I do that ?
Thanks,
Form :
<%= form_for current_user.transfers.build do |f| %>
<div class="amount">
<h5>Select an amount</h5>
<div class="amount-btns">
<a class="amount-btn" href="#"><span data-amount="10">10$</span></a>
<a class="amount-btn" href="#"><span data-amount="20">20$</span></a>
<a class="amount-btn" href="#"><span data-amount="30">30$</span></a>
<a class="amount-btn" href="#"><span data-amount="50">50$</span></a>
<%= f.hidden_field :amount, :id => :amount %>
<%#= f.hidden_field :teen_id , :id => :user_id_auto_donation %>
</div>
</div>
<div class="choose-amount">
<div class="choose-amnt" action="#">
<div class="form-row choose-lnk">
<%= f.collection_select :teen_id, current_user.followed_users, :id, :first_name , include_blank: false, :prompt => 'Select a Teen' %>
</div>
<%= hidden_field_tag :no_card if !current_user.customer_id? %>
<%= password_field(:password, :password, :size => 20, :class => 'form_input') %>
<%= f.submit 'Send', :class => "orange-btn", :id => "send_donation"%>
<% end %>
Transfer_Controller :
def create
Rails.logger.debug(params[:password])
Rails.logger.debug(current_user.valid_password?(params[:password]))
if current_user.valid_password?(params[:password])
....
else
redirect_to :back
end
Rails.logger.debug(params[:password]) return the password I entered and the one that is correct.
Rails.logger.debug(current_user.valid_password?(params[:password])) return false but if I relplace the params[:password] with the actual password it return true
Thanks for your help !
I found this link that shows you how to check user credentials,
for your case you will do something like the following (given that you send the password as a parameter named 'password'):
# use the return value to determine if the user inserted the correct password
if(current_user.valid_password?(params[:password]))
# create transfer
else
# tell user password is invalid
end

Resources