I get an error of validation when try to register a new user.
Email can't be blank, Password can't be blank
I create custom devise controllers. I have the next code in registrations' controller:
class Users::RegistrationsController < Devise::RegistrationsController
include ApplicationHelper
before_action :configure_sign_up_params, only: [:create]
before_action :check_existing_user, only: [:new]
def new
super
end
def create
super
end
protected
def configure_sign_up_params
devise_parameter_sanitizer.permit(:sign_up, keys: [:username, :email, :password, :password_confirmation])
end
def check_existing_user
#user = User.last
if #user
redirect_to sign_in_path, danger: 'User alredy exists. Please sign in.'
else
render :new
end
end
end
And I left permited parameters for devise in applocation controller:
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
private
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:username])
end
end
My routes:
devise_for :users, controllers: { registrations: "users/registrations" }
devise_scope :user do
get 'sign_in', to: 'devise/sessions#new'
get 'sign_up', to: 'users/registrations#new'
get 'sign_out', to: 'devise/sessions#destroy'
resources :users, only: [:show]
end
and User model:
class User < ApplicationRecord
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :validatable
end
Console log doesn't return some errors. I fill form right. Why do I get it?
I'm using devise and activeadmin.
When I log in to my app as an Admin (http://localhost:3000/users/admin) the app redirects me to to the http://localhost:3000/users/sign_in page.
So basically I have to login at some user to be able to log in as Admin. Which is really inconvenient.
this is my application_controller.rb
class ApplicationController < ActionController::Base
protect_from_forgery prepend: true, with: :exception
before_action :authenticate_user!, except: [:index]
def after_sign_in_path_for(resource)
user_path(resource)
end
def after_sign_up_path_for(resource)
user_path(resource)
end
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:username, :email, :password, :password_confirmation])
devise_parameter_sanitizer.permit(:sign_in, keys: [:login, :password, :password_confirmation])
devise_parameter_sanitizer.permit(:account_update, keys: [:username, :email, :password, :password_confirmation, :current_password])
end
end
I have added this chunk of code to the controller with out any luck.
before_action :whois, if: :devise_controller?
def whois
if user.admin?
def after_sign_in_path_for(resource)
admin_dashboard_path
end
else
def after_sign_in_path_for(resource)
user_path(resource)
end
def after_sign_up_path_for(resource)
user_path(resource)
end
end
end
Here my routes
devise_for :users
devise_for :admin_users, ActiveAdmin::Devise.config
ActiveAdmin.routes(self)
resources :overviews
resources :users
root 'overviews#index'
Can anyone help me with this, please?
In the initializer active_admin.rb - try this
config.authentication_method = false
I'm using a user scope controller generated by devise to pass additional attributes.
class Users::RegistrationsController < Devise::RegistrationsController
before_action :sign_up_params, only: [:create]
before_action :account_update_params, only: [:update
protected
def sign_up_params
devise_parameter_sanitizer.permit(:sign_up, keys: [:first_name, :last_name, :cpf])
end
def account_update_params
devise_parameter_sanitizer.permit(:account_update, keys: [:first_name, :last_name, :cpf, :birth_date, :phone, :gender])
end
def update_resource(resource, params)
resource.update_without_password(params)
end
end
The routes
devise_for :users, controllers: {registrations: 'users/registrations}
Everything was working until include the update_resource(resource, params) method to the controller and remove the current_password field at the view, as suggested https://github.com/plataformatec/devise/wiki/How-To:-Allow-users-to-edit-their-account-without-providing-a-password
After this change I can edit every additional fields (first_name, last_name...etc) except the password. The password change doesn't persists. Any idea?
Rails version: 5.0.0.1
Devise version: 4.2.0
In the account_update_params method you need to add your password and password_confirmation.
def account_update_params
devise_parameter_sanitizer.permit(:account_update, keys: [:first_name, :last_name, :cpf, :birth_date, :phone, :gender, :password, :password_confirmation])
end
I added additional fields to my user model, then updated the configure_account_update_params method accordingly. Everything was working until I wanted users to be able to update their information without having to input their current password.
So I removed the field for the view and changed the update method in the RegistrationsController
This is my controller, I'm not sure if I'm missing something
class Users::RegistrationsController < Devise::RegistrationsController
before_filter :configure_account_update_params, only: [:update]
def update
resource.update_without_password(resource_params)
end
# If you have extra params to permit, append them to the sanitizer.
def configure_account_update_params
devise_parameter_sanitizer.for(:account_update) << [:first_name, :last_name, :country, :phone_number, :gender, :birthdate]
end
end
According to devise documentation, you should replace this in your controller.
class Users::RegistrationsController < Devise::RegistrationsController
protected
def update_resource(resource, params)
resource.update_without_password(params)
end
end
I made a devise User model and added additional fields to it. When I create and account everything works fine, only with email, pw and pw conf.
I then want to allow the user to go to edit page and fill in the optional additional fields.
But, when they submit, everything is saved as nil.
class RegistrationsController < Devise::RegistrationsController
before_action :configure_permitted_parameters, if: :devise_controller?
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_in){ |u| u.permit(:email, :password) }
devise_parameter_sanitizer.for(:sign_up){ |u| u.permit(:name, :username, :about, :email, :password, :password_confirmation)}
devise_parameter_sanitizer.for(:account_update){ |u| u.permit(:name, :username, :about, :email, :password, :password_confirmation) }
end
def update
self.resource = resource_class.to_adapter.get!(send(:"current_#{resource_name}").to_key)
if resource.update_with_password(user_params)
if is_navigational_format?
flash_key = update_needs_confirmation?(resource, prev_unconfirmed_email) ? :update_needs_confirmation : :updated
set_flash_message :notice, flash_key
end
sign_in resource_name, resource, :bypass => true
respond_with resource, :location => after_update_path_for(resource)
else
clean_up_passwords resource
respond_with resource
end
end
def user_params
params.require(:user).permit(:email, :password, :current_password, :password_confirmation, :name, :username, :about)
end
end
I get this output in the console,
ActiveRecord::SchemaMigration Load (0.1ms) SELECT "schema_migrations".* FROM "schema_migrations"
Processing by Devise::RegistrationsController#update as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"EG8FtCTBohuG2uwUvIqmY7KTsmYY1nMAXqTfc0Li+eQ=",
"user"=>{"email"=>"a#a.com", "name"=>"Aaron", "username"=>"", "about"=>"",
"password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "current_password"=>"[FILTERED]"}, "commit"=>"Update"}
User Load (2.2ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 1]]
Unpermitted parameters: name, username, about
But nothing is saved in the database when I check in the console (with User.last). I am stuck, and have looked and have no idea what is wrong...
In Rails4 we have strong parameters so please
Add following line to your application_controller.rb
before_filter :configure_devise_params, if: :devise_controller?
def configure_devise_params
devise_parameter_sanitizer.for(:sign_up) do |u|
u.permit(:first_name, :last_name, :gender, :email, :password, :password_confirmation)
end
end
After working on something similar to this, I settled on using Application Controller, then afterward found that the Devise Documentation is fairly straightforward for this in their strong parameters section and gives an alternative to using Application Controller. https://github.com/plataformatec/devise#strong-parameters
Below is the approach with Application Controller which worked for me.
class ApplicationController < ActionController::Base
before_filter :configure_permitted_parameters, if: :devise_controller?
private
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up){ |u| u.permit(:name, :username, :about, :email, :password, :password_confirmation)}
devise_parameter_sanitizer.for(:account_update){ |u| u.permit(:name, :username, :about, :email, :password, :password_confirmation) }
end
end
This should work the same and it directly overwrites methods in Devise::RegistrationController.
class Users::RegistrationsController < Devise::RegistrationsController
private
def configure_sign_up_params
devise_parameter_sanitizer.for(:sign_up){ |u| u.permit(:name, :username, :about, :email, :password, :password_confirmation)}
end
def configure_account_update_params
devise_parameter_sanitizer.for(:account_update){ |u| u.permit(:name, :username, :about, :email, :password, :password_confirmation) }
end
end
First produce new field.
for reference
http://guides.rubyonrails.org/migrations.html
Do you have add your new fields in user controller parameter?
def user_params
params.require(:user).permit(:email, :password, :password_confirmation)
end
def sign_up_params
params.require(:user).permit(:email, :password, :password_confirmation)
end
In the application controller
before_filter :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation)}
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:email, :password, :password_confirmation)}
end
In your registration form that override devise add this
class Users::RegistrationsController < Devise::RegistrationsController
skip_before_filter :verify_authenticity_token, :only => [:ipn_notification]
def sign_up_params
params.require(:user).permit(:email, :password, :password_confirmation)
end
After that add your new fields in all views _form,show,edit,index.
In Rails 4.2, this is how I did.
I have User Model on which devise is applied.
Use this command "rails generate devise:controllers users" to generate custom controllers.
I have added "username" name attribute to my User Model
In my controller
class Users::RegistrationsController < Devise::RegistrationsController
before_filter :configure_sign_up_params, only: [:create]
before_filter :configure_account_update_params, only: [:update]
#rest of code as generated
protected
# If you have extra params to permit, append them to the sanitizer.
def configure_sign_up_params
devise_parameter_sanitizer.for(:sign_up) << :username
end
# If you have extra params to permit, append them to the sanitizer.
def configure_account_update_params
devise_parameter_sanitizer.for(:account_update) << :username
end
In Routes
devise_for :users, controllers: {registrations: "users/registrations"}