I have created forms in rails with no problems before, but this is my first time doing it in a modal and I am not sure if that effects things. I don't think it does, but you never know. The problem is that new users are not being saved, and I am getting no useful errors as to why. Here is my form, in the modal:
<div class="modal-body">
<%= form_for #user do |f| %>
<%= f.label :first_name %><br>
<%= f.text_field :first_name, class: 'form-control', :required => true %><br>
<%= f.label :last_name %><br>
<%= f.text_field :last_name, class: 'form-control', :required => true %><br>
<%= f.label :user_name %><br>
<%= f.text_field :user_name, class: 'form-control', :required => true %><br>
<%= f.label :password %><br>
<%= f.password_field :password_digest, class: 'form-control', :required => true%><br>
<%= f.label :password_confirmation %><br>
<%= f.password_field :password_confirmation, class: 'form-control', :required => true%><br>
</div> <!-- modal body -->
<div class="modal-footer">
<%= f.submit "Sign Up"%><br>
</div>
<% end %>
and here is what is in my users controller:
def create
#user = User.create(user_params)
if #user.save
redirect_to root_path
else
redirect_to({:controller => 'application', :action => 'home'}, :notice => 'Account not created! Something is fishy.')
end
end
def user_params
params.require(:user).permit(:first_name, :last_name, :user_name, :password)
end
More than likely, I am missing something. My question is two part: A)what is wrong and B)how can I stop the modal window from closing and have it display the appropriate error to the user giving them a chance to fix it?
Try:
#user = User.new(user_params)
instead of:
#user = User.create(user_params)
Because, you are trying to save the user after this call.
When you use create, it calls create followed by save.
If you use: User.new(user_params), it will just load the user object with the specified user_params but will not save it. In the next line, when you call: #user.save then the user object will be saved if valid. Otherwise, not.
Also, you can try using: #user.save! instead of #user.save. Because, when you try to save an object using save! method, it will raise an exception if it can't save the object properly. That way, you will know if something went wrong.
Observe the elements/tags "" should inside form_for becuase closing tag is inside of it.
<%= form_for #user do |f| %>
<div class="modal-body">
......your stuff fields here
</div> <!-- modal body -->
<div class="modal-footer">
<%= f.submit "Sign Up"%><br>
</div>
<% end %>
Related
I'm using the Devise gem for authentication and for the login form when I click on "Log in" with the fields blank I get the error "Invalid Email or password". I think it would be nice just like the registration form to have errors like "Name can't be blank" or "Email can't be blank" depending on the field that is blank. How can one achieve that?
Log in view
<h2>Log in</h2>
<%= form_for(resource, as: resource_name, url: session_path(resource_name), data: { turbo: false }) do |f| %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true, autocomplete: "email" %>
</div>
<div class="field">
<%= f.label :password %><br />
<%= f.password_field :password, autocomplete: "current-password" %>
</div>
<% if devise_mapping.rememberable? %>
<div class="field remember">
<%= f.check_box :remember_me %>
<%= f.label :remember_me %>
</div>
<% end %>
<div class="actions">
<%= f.submit "Log in" %>
</div>
<% end %>
<%= render "devise/shared/links" %>
application_controller.rb
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
before_action :authenticate_user!
before_action :update_allowed_parameters, if: :devise_controller?
def after_sign_up_path_for(_resource)
groups_path
end
def after_sign_in_path_for(_resource)
groups_path
end
protected
def update_allowed_parameters
devise_parameter_sanitizer.permit(:sign_up) do |u|
u.permit(:name, :email, :password, :password_confirmation)
end
devise_parameter_sanitizer.permit(:account_update) do |u|
u.permit(:name, :email, :password, :password_confirmation, :current_password)
end
end
end
Its pretty trivial to just add a client side validation which will provide immediate feedback if you want to:
# app/views/devise/sessions/new.html.erb
<h2>Log in</h2>
<%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true, autocomplete: "email", required: true %>
</div>
<div class="field">
<%= f.label :password %><br />
<%= f.password_field :password, autocomplete: "current-password", required: true %>
</div>
<% if devise_mapping.rememberable? %>
<div class="field">
<%= f.check_box :remember_me %>
<%= f.label :remember_me %>
</div>
<% end %>
<div class="actions">
<%= f.submit "Log in" %>
</div>
<% end %>
<%= render "devise/shared/links" %>`
The views in your application will take priority over those defined by the engine.
The reason why Devise doesn't actually use model validation at all for sessions is that models are not context aware and adding this feature would add a lot of complexity for very little gain.
Your model doesn't have a concept of "signing in" so if you called resource.valid? it will fire all the validations for creating a record like for example uniqueness of the email.
While you could do this by creating a form object or by overriding the controller method and adding the errors "inline" it provides very little additional value in safeguarding your application against bad user input which is what server side validations are primarily intendended to do (user feedback is the secondary purpose). YAGNI.
I have form for signup user and when this url have get parameter like
http://localhost:3000/signup?list_id=10
need transfer this parameters to action for create user
<%= form_for(#user) do |f| %>
<%= render 'shared/error_messages', user: #user %>
<%= f.label :name %>
<%= f.text_field :name, class: 'form-control' %>
<%= f.label :email %>
<%= f.email_field :email, class: 'form-control' %>
<%= f.label :password %>
<%= f.password_field :password, class: 'form-control' %>
<%= f.label :password_confirmation %>
<%= f.password_field :password_confirmation, class: 'form-control' %>
<%= f.submit yield(:button_text), class: "btn btn-primary" %>
in this action user create dont see this parameter
def create
debugger
#user = User.new(user_params)
if #user.save
log_in #user
flash[:success] = "Welcome to the Sample App!"
redirect_to #user
else
render "new"
end
end
(byebug) params<ActionController::Parameters {"utf8"=>"✓", "authenticity_token"=>"I5+lc0T2fqy2Ie56rMnkR6Eff60nJmiuaTob7xAqknB6YgHZpmEByyRpCanpnNqyO9H/wMWbm7IumdXRyUABcA==", "user"=>{"name"=>"Ivan", "email"=>"ss#ss.com", "password"=>"222", "password_confirmation"=>"222"}, "commit"=>"Create my account", "controller"=>"users", "action"=>"create"} permitted: false>
It's available in your params hash so you can add it to your form as a hidden field so it will be submitted with the other params. Then make sure to whitelist that parameter in your controller.
First, add the virtual attribute to your User model if :list_id isn't already a persisted attribute for Users. This is done by adding the following line in your user.rb model file:
attr_accessor :list_id
Then add the following inside your form view:
<%= f.hidden_field :list_id, :value => params[:list_id] %>
Then in your controller where you whitelist your params you would add :list_id as a secure parameter. You didn't post your strong_params method but should be like:
def user_params
params.require(:user).permit(:list_id, :name, :email, :password, :password_confirmation)
end
I'm learning rails and building an authentication system using guides from around the web and following railscasts tutorials.
I've come to a stand still at the moment and need a bit of assistance if possible.
When ever I try to edit the user profile, I get an error message which tells me that it can't create an account due to fields such as email and username already being taken.
Looking around it seems it's related to how my edit form is being submitted, but I can't solve it!
Any help would be appreciated.
Users_controller.rb
def edit
#user = User.find(params[:id])
end
def update
#user = User.find(params[:id])
if #user.update_attributes(user_params)
flash[:success] = "Profile updated"
redirect_to #user
else
render 'edit'
end
end
edit.html.erb
<%= form_for :user, url: '/users' do |f| %>
<form class="m-t" role="form" action="#">
<div class="form-group">
<%= f.label :name %>
<%= f.text_field :name, class: 'form-control', autocomplete: "off" %>
</div>
<div class="form-group">
<%= f.label :user_type %>
<%= f.select(:user_type, ['Admin', 'Technical', 'Accounts'], {}, { :class => 'form-control' }) %>
</div>
<div class="form-group">
<%= f.label :email %>
<%= f.text_field :email, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :telephone %>
<%= f.text_field :telephone, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :mobile %>
<%= f.text_field :mobile, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :user_name %>
<%= f.text_field :user_name, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :password %>
<%= f.password_field :password, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :password_confirmation %>
<%= f.password_field :password_confirmation, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :company_admin%>
<%= f.check_box :company_admin, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :user_admin %>
<%= f.check_box :user_admin, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :emergency_contact %>
<%= f.check_box :emergency_contact, class: 'form-control' %>
</div>
<div class="form-group">
<%= f.submit "Submit", class: "btn btn-primary block full-width m-b" %>
</div>
</form>
<% end %>
Rails Log
User Exists (0.2ms) SELECT 1 AS one FROM "users" WHERE "users"."email" = 'emailaddress#gmail.com' LIMIT 1
User Exists (0.1ms) SELECT 1 AS one FROM "users" WHERE "users"."user_name" = 'AUserName' LIMIT 1
user.rb
class User < ActiveRecord::Base
has_secure_password
validates :name, presence: { message: "Please enter your name." }
validates_uniqueness_of :email, presence: { message: "Please enter your email address." }
validates_format_of :email, with: /\A([^#\s]+)#((?:[-a-z0-9]+\.)+[a-z] {2,})\z/i, message: "Please enter a valid email address.", allow_blank: true
validates :telephone, presence: { message: "Please enter your phone number." }
validates :mobile, presence: { message: "Please enter your mobile number." }
validates_uniqueness_of :user_name, presence: { message: "Please enter your user name." }
validates_confirmation_of :password, presence: { message: "Please enter your password" }, allow_nil: true
before_create { generate_token(:auth_token) }
def generate_token(column)
begin
self[column] = SecureRandom.urlsafe_base64
end while User.exists?(column => self[column])
end
def send_password_reset
generate_token(:password_reset_token)
self.password_reset_sent_at = Time.zone.now
save!
UserMailer.password_reset(self).deliver
end
end
Wait I'm wrong on the validation. Just spotted it.
<%= form_for :user, url: '/users' do |f| %>
This won't use the #user object, which means rails thinks you're trying to create a user.
Switch it to
<%= form_for #user do |f| %>
Rails will also infer the correct place to post to so you won't need the url option anymore.
I'm trying to put Forgot password field with the sign in page, but if user is not registered (and not in apps database), then it redirects to the original devise Forgot password page with errors (http://localhost:3000/users/password). How do I make the errors appear in the same page as the sign in page (http://localhost:3000/users/sign_in)?
In app/views/devise/sessions/new.html.erb file
<%= simple_form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
<%= f.email_field :email, required: false, autofocus: true, placeholder: "Username" %>
<%= f.password_field :password, required: false, placeholder: "Password" %>
<%= f.button :submit, "Sign In", class: "btn btn-success btn-sm" %>
<div class="remember-forgot">
<div class="row">
<div class="col-md-6">
<%= f.input :remember_me, as: :boolean if devise_mapping.rememberable? %>
</div>
<div class="col-md-6 forgot-pass-content">
Forgot Password
</div>
</div>
</div>
<% end %>
<!-- where reset is -->
<div class="pass-reset">
<%= simple_form_for(resource, as: resource_name, url: password_path(resource_name), namespace: 'forgot', html: { method: :post }) do |f| %>
<%= f.error_notification %>
<label>Enter the email you signed up with</label>
<%= f.email_field :email, required: true, autofocus: true, placeholder: "Email" %>
<%= f.submit "Submit", class: "pass-reset-submit btn btn-success btn-sm" %>
<% end %>
</div>
So there's a javascript link where an input field will show up if a user forgets their sign in credentials.
apparently two forms for same object having same fields should not be one page, one should stay with the new page. but still i have tried your question, and following things needs to be done
1) I have to override the passwords controller for devise under user scope.
class Users::PasswordsController < Devise::PasswordsController
# GET /resource/password/new
def new
super
end
# POST /resource/password
def create
self.resource = resource_class.send_reset_password_instructions(resource_params)
if successfully_sent?(resource)
flash[:notice] = "sent password"
redirect_to :root
else
render "devise/sessions/new"
end
end
# GET /resource/password/edit?reset_password_token=abcdef
def edit
super
end
# PUT /resource/password
def update
super
end
protected
def after_resetting_password_path_for(resource)
super(resource)
end
# The path used after sending reset password instructions
def after_sending_reset_password_instructions_path_for(resource_name)
super(resource_name)
end
end
then my devise/sessions/new page will look like this(you can add the logic of showing form only when one clicks he forget password button. that should be simple. just add hide class and on click remove hide class.)
Log in
<%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true %>
</div>
<div class="field">
<%= f.label :password %><br />
<%= f.password_field :password, autocomplete: "off" %>
</div>
<% if devise_mapping.rememberable? -%>
<div class="field">
<%= f.check_box :remember_me %>
<%= f.label :remember_me %>
</div>
<% end -%>
<div class="actions">
<%= f.submit "Log in" %>
</div>
<% end %>
#assuming that devise_mapping has recoverable? option. you can also keep the below form in if condition
<h2>Forgot your password?</h2>
<%= form_for(resource, as: resource_name, url: password_path(resource_name), namespace: "forget", html: { method: :post }) do |f| %>
<%= devise_error_messages! %>
<div class="field">
<%= f.label :email %><br />
<%= f.email_field :email, autofocus: true %>
</div>
<div class="actions">
<%= f.submit "Send me reset password instructions" %>
</div>
<% end %>
need to tell the routes to use my my passwords controller.
devise_for :users, controllers: {
passwords: 'users/passwords'
}
These things will result in showing the errors under the user sign in form but the path will remain http://localhost:3000/users/password. why because we are rendering the page and not redirecting. render just show the views without going to the controller action. now even if one tries to send the errors messages to the sessions controller somehow(after overriding that controller as well) somehow like this
redirect_to new_user_session_path, :messages => resource.errors
still that wont help, why because in session#new we are re initializing the resource as it is new action and all the errors would be gone.
I'm not sure if this is satisfactory to you or if this is not even close to your requirements. i tried to cover all things. i would be glad if some credible or official sources will provide even better response. that would definitely increase my knowledge as well.
I'm making a Rails app and am trying to have the user's role displayed on a view. The code I am using for this is:
<%= current_user.role %>
Which does not evaluate to anything.
I am using devise for user registrations and my registration view is as follows:
<%= form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
<%= devise_error_messages! %>
<div class="login-field">
<%= f.email_field :email, :placeholder => "Email" %>
</div>
<div class="login-field">
<%= f.password_field :password, autocomplete: "off", :placeholder => "Password (8 character min)" %>
</div>
<div class="login-field">
<%= f.text_field :firstname, :placeholder => "First Name" %>
</div>
<div class="login-field">
<%= f.text_field :lastname, :placeholder => "Last Name" %>
</div>
<div class="login-field">
<%= f.text_field :phone, :placeholder => "Phone Number" %>
</div>
<%= f.select(:role, ['Role 1', 'Role 2', 'Both']) %>
<br>
<div><%= f.submit "Signup" , :class => "btn btn-success btn-lg" %></div>
<% end %>
<%= render "devise/shared/links" %>
I have a feeling that I am doing something wrong in the form submission but cannot figure out what it is. Any help is appreciated
You can put this at the top of your create action:
return render text: params.inspect # get what the form sended
and or
return render text: create_params # get what the values you permitted
This way you will get what the data your from sended and if it is what you expected.
You should override the sign_up_params in the Devise registration. Once you've created your RegistrationsController that inherits from Devise::RegistrationsController, you can override the sign_up_params:
class RegistrationsController < Devise::RegistrationsController
private
def sign_up_params
params.require(:user).permit(:first_name, :last_name, :email, :phone, :role ... any other attributes)
end
end
You would also need to change you routes.rb to point to the newly created controller:
devise_for :users, controllers: {registrations: 'registrations'}