I have created a User model through the Devise gem that allows email, first_name, and password upon registration.
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :first_name
end
I would like to save other attributes such as last_name, city, etc to the User model. I have ran the migrations and see these attributes in my schema.
However when I am on the user/edit page and try to save, the new attributes are not saving.
I have run the command to edit the devise controllers, but confused.
rails generate devise:controllers users
Do I still need to create a UsersController < ApplicationController in order to accept other attributes into the User model during an edit/update?
Then I could just permit all when trying to update
def user_params
params.require(:user).permit!
end
Thanks
Try this:
class ApplicationController < ActionController::Base
protect_from_forgery
before_filter :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:user) << :first_name
end
end
Add the following filter to the application controller:
before_action :configure_permitted_parameters, if: :devise_controller?
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit( :first_name, :email, :password, :password_confirmation) }
end
This is for sign up. To update the user informaiton add following line of code within the configure_permitted_parameters filter.
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:first_name, :email, :password, :password_confirmation, :current_password) }
Related
I have a rails application that uses Devise and simple_form to register and authenticate a user. I wanted to add another table of preferences such that a user can have multiple preferences and a preference can be assigned to multiple users.
I followed this: https://dev.to/neshaz/join-table-in-rails-23b5
and made the respective associations with a join table and I am able to view the checkboxes multiselect on my form. But I am stuck on the part on processing the params in my registration controller page. For context this is what i have:
registration_controller.rb
def configure_sign_up_params
devise_parameter_sanitizer.permit(:sign_up) do |u|
u.permit({ account_attributes: [:username], invite_request_attributes: [:text] }, :company, :email, :password, :password_confirmation, :invite_code, :agreement, :website, :confirm_password)
end
end
_registration.html.haml:
- for preference in Preference.all
= check_box_tag "preference[user_ids][]", preference.id
= h preference.pref
You try this way.
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:name, preference_ids: []])
devise_parameter_sanitizer.permit(:account_update, keys: [:name, :website, :bio])
end
end
_registration.html.haml:
- for preference in Preference.all
= check_box_tag "user[preference_ids][]", preference.id
= h preference.pref
I'm unable to permit additional parameters in invite#accept. I've setup everything and here's a controller.
But in the method accept_resource there're still only 3 old parameters accepted, other didn't come through, although they present on a form.
class MyInvitationsController < Devise::InvitationsController
before_filter :configure_permitted_parameters, if: :devise_controller?
before_filter :update_sanitized_params, only: [:edit, :update]
def edit
puts "edit...."
super
end
private
def accept_resource
puts "accept_resource..."
resource = resource_class.accept_invitation!(update_resource_params)
# but it still permits only :password, :password_confirmation and :invitation_token
resource
end
protected
def configure_permitted_parameters
puts "configure_permitted_parameters..."
devise_parameter_sanitizer.permit(:sign_up, keys: [:aaa, :bbb, :ccc, :password, :password_confirmation,
:invitation_token])
end
def update_sanitized_params
puts "update_sanitized_params..."
devise_parameter_sanitizer.permit(:sign_up, keys: [:aaa, :bbb, :ccc, :password, :password_confirmation,
:invitation_token])
How to fix that?
I use devise 4.2 and devise_invitable 1.6
Try remove
if: :devise_controller?
in your before_filter, because your are not in devise controller.
I am using Devise for my users in my rails app. When people sign up its only their email and password. How do I have access to the controller to permit more param such as first name and last name?
Thank you
You should add the parameters to the devise_parameter_sanitizer for sign_up
This can be done in your application_controller.rb
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :first_name
end
end
or configure the whole set of parameters using
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:password, :password_confirmation, :email, :first_name, :last_name) }
end
Another way is to create a class that inherits from Devise::ParameterSanitizer
class User::ParameterSanitizer < Devise::ParameterSanitizer
def sign_up
default_params.permit(:password, :password_confirmation, :email, :first_name, :last_name)
end
end
Then in your application_controller.rb
class ApplicationController < ActionController::Base
protected
def devise_parameter_sanitizer
User::ParameterSanitizer.new(User, :user, params)
end
end
Here is what I tried,
rails g migration add_username_to_hrs
bundle exec rake db:migrate
added the attr_accessible:username
restarted the server
My add_username_to_hr.rb
class AddUsernameToAuthorize < ActiveRecord::Migration
def change
add_column :authorizes, :username, :string
end
end
Error
undefined method `username' for #
Question: How can I add a username field in my devise gem?
Answer is now outdated [ Valid for rails4 ]
I have done the same. Please follow these steps:
rails generate migration add_username_to_users username:string:uniq
rake db:migrate
add attr_accessible :username
in application_controller.rb:
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :password, :password_confirmation, :remember_me) }
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:login, :username, :email, :password, :remember_me) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:username, :email, :password, :password_confirmation, :current_password) }
end
in config/initializers if you want to replace email by usernname
config.authentication_keys = [ :username ]
config.case_insensitive_keys = [ :username ]
config.strip_whitespace_keys = [ :username ]
update the views.
Note if attr_accessible :usernamegives error try attr_accessor :username
If you are using rails 4 then put below code in application controller
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :username
end
end
If you are using rails 4 then follow this steps:
rails g migration AddUserNameToAuthorize
rake db:migrate
put this code in application_controller.rb to accept username parameter for sign_in, sign_up and also for account_update:
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:email, :password,:username) }
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation,:username) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:email, :password, :password_confirmation,:username) }
end
end
Devise actually add the field to model which you specified during devise setup. If You have add migration to that model. For example, you have used devise for user model, then you can generate migration for adding the username to user model and run the db:migrate and add the attr_accessible :username to model, if you are using rails < 4
You have to add username in the model which you had given in below command
rails g devise <modelname>
Once you are done then you need to follow your above steps but need to modify devise configuration file to look for username for login instead of email. Then restart rails server and it should be fine.
source = https://github.com/heartcombo/devise
add username to your usermodel
db:migrate
and then past following in your ApplicationController:
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:username])
end
end
also this in your devise/registration/new.html.erb into the
<%= f.input :username,
required: true,
autofocus: true,
input_html: { autocomplete: "username" }%>
and you're good to go
I'm using the release candidate of Devise 3 so that I can use it with Rails 4. In Rails 3.2 I used to be able to add a custom field to my User model by simply adding that field to the registration/edit.html.erb and registration/new.html.erb files (after running the proper migration). Then I'd just add that field to the attr_accessible list of fields in the model.
However, in Rails 4, there is no attr_accessible list and I can't simply add fields in the views. How do I add custom User fields?
Adding
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:username, :email) }
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :password, :password_confirmation) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:username, :email, :password, :password_confirmation, :current_password) }
end
To applicationcontroller worked for me.
I was told to look in the main README on the github page and there it was. Easy.
class ApplicationController < ActionController::Base
before_filter :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :username
end
end
In case you want to permit additional parameters you can do with a simple before filter in your
ApplicationController:
class ApplicationController < ActionController::Base
before_filter :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :username
end
end
You need to enable Strong Parameters for devise instead of attr_accessible for doing that you need to create new initializer like:
DeviseController.class_eval do
def resource_params
unless params[resource_name].blank?
params.require(resource_name).permit(:email, :password, :password_confirmation, :remember_me)
end
end
end
Make sure that you cloned gem from rails4 branch(plataformatec/devise).
Remove attr_accesible from model