Develop Reference

Rails Devise login - can select any role (one to many relation)

I am trying to implement Devise login not only with email and password but also with Role. User can have more than one role and he can choose anyone role while he login.
Model:
User - has_many :roles (Devise applied)
Role - belongs_to :user
I want to authenticate user along with role and remember the role selected while login.
Note:
Rails 5.2.1
Devise 4.5.0

Sometimes rails generate migration add_firstname_and_lastname_to_users email:string produces a migration like this
class AddEmailToUsers < ActiveRecord::Migration[5.0]
def change
end
end
In that case you have to manually an extra line to change
class AddEmailToUsers < ActiveRecord::Migration[5.0]
def change
add_column :users, :first_name, :string
add_column :users, :last_name, :string
end
end
And then run rake db:migrate
in the app controller
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :first_name
devise_parameter_sanitizer.for(:sign_up) << :last_name
devise_parameter_sanitizer.for(:account_update) << [:first_name, :last_name]
end

Add extra params to user from devise in ruby on rails [duplicate]

This question already has answers here:
Add Custom Field/Column to Devise with Rails 4
(4 answers)
Closed 6 years ago.
I want to add a property name in the user model. I ran the migration command to add the column to the database and that worked. Adding the property to user itself worked as well but it isn't saved in the db.
How can I add the property "name" to the required params of the sign_up and account_update of RegistrationController?
This is my user model
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
attr_accessor :name
end
I tried adding the required params to the methodes like this in the RegistrationController
class Users::RegistrationsController < Devise::RegistrationsController
def sign_up_params
params.require(:user).permit(:name,:email, :password, :password_confirmation)
end
def account_update_params
params.require(:user).permit(:name, :email, :password, :password_confirmation, :current_password)
end
end
In the routings i added the line
devise_for :users, controllers: { registrations: 'users/registrations' }
But the name of the user still isn't saved in the database.

Add this to your ApplicationController to configure signup signin & account_update params.
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:name,:email, :password, :password_confirmation) }
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:login, :username, :email, :password, :remember_me) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:name, :username, :anonymous, :email, :password, :password_confirmation,:reset_password_token) }
end
And also add before_filter to ApplicationController like :
before_filter :configure_permitted_parameters, if: :devise_controller?

Please check Devise Parameter Sanitization
You can try this:
class Users::RegistrationsController < Devise::RegistrationsController
def sign_up_params
devise_parameter_sanitizer.for(:sign_up).push(:name)
end
def account_update_params
devise_parameter_sanitizer.for(:account_update).push(:name, :email, :password, :password_confirmation, :current_password)
end
end

Rails 4 Devise nested form can't mass-assign protected attributes

I have a devise model that has a nested form (supp_form is the nested object) on sign up. When I submit the form I am getting the following error:
WARNING: Can't mass-assign protected attributes for Business: supp_form_attributes, terms_of_service
app/controllers/businesses/registrations_controller.rb:11:in `create'
I am using the nested_form gem and it seems as if my form is passing field data through to the console. My parameters after submit look like the following:
Parameters: {"utf8"=>"✓", "authenticity_token"=>"XXX", "business"=>{"type"=>"Business", "supp_form_attributes"=>{"title"=>"mr.", "first_name"=>"jane", "last_name"=>"doe", "mobile_phone_number"=>"94034903", "loan_agreement_authorization"=>"1", "work_phone_number"=>"49034903", "business_industry"=>"Natural Resources and Mining", "legal_structure"=>"Sole Proprietorship", "employee_count"=>"5 to 10", "years_in_business"=>"5+ years", "business_address"=>"72 pentland rd", "business_city"=>"Waterdown", "business_postal_code"=>"l0r2h5", "business_province"=>"ON"}
business.rb
class Business < User
# Associations
has_one :supp_form
has_many :loan_applications
has_many :transactions
# Nested attributes
accepts_nested_attributes_for :supp_form, :loan_applications
# After save action
after_save :create_account
# Validations
validates_acceptance_of :terms_of_service
validate :terms_of_service, presence: true
end
supp_form.rb
class SuppForm < ActiveRecord::Base
# Associations
belongs_to :business
# Validations
validates_acceptance_of :terms
validates :business_id, :first_name, :last_name, :work_phone_number, :business_address, :business_postal_code, :business_city, presence: true
end
registraionts_controller.rb
class Businesses::RegistrationsController < Devise::RegistrationsController
before_filter :update_sanitized_params
def new
build_resource({})
resource.build_supp_form
respond_with self.resource
end
def create
super
resource.update_attribute(:railsid, '%010d' % rand(10 ** 10))
end
private
def update_sanitized_params
devise_parameter_sanitizer.for(:sign_up) {|u| u.permit(:email, :password, :password_confirmation, :type, :confirmed_at, :business_name, :terms, :railsid, :terms_of_service,
supp_form_attributes: [:business_id, :title, :loan_agreement_authorization, :first_name,
:last_name, :work_phone_number, :business_address, :business_postal_code,
:business_city, :business_name, :years_in_business, :legal_structure,
:business_industry, :employee_count, :mobile_phone_number, :business_province])}
end
def after_sign_up_path_for(resource)
business_root_path
end
end
supp_forms_controller.rb
class SuppFormsController < ApplicationController
before_filter :authenticate_user!
def new
#suppform = SuppForm.new(supp_form_params)
end
def create
#suppform = SuppForm.create(supp_form_params)
end
private
def supp_form_params
params.require(:supp_form).permit(:business_id, :title, :loan_agreement_authorization, :first_name,
:last_name, :work_phone_number, :business_address, :business_postal_code,
:business_city, :business_name, :years_in_business, :legal_structure,
:business_industry, :employee_count, :mobile_phone_number, :business_province)
end
end

You are using Rails 4 with strong parameters. And you get an error triggered by the protected_attributes gem (or default rails 3 app).
With strong_parameters on place you can remove safety the protected_attributes gem. And remove the configuration if you have it (config.active_record.whitelist_attributes).

Devise: change params in registrations controller

I want to change parameter before it saves in model object in create action of Devise registrations_controller
class RegistrationsController < Devise::RegistrationsController
before_filter :configure_permitted_parameters
def create
phone = params[:user][:phone]
replacements = [ [' ', ''], ['-', ''], ['(', ''], [')', ''], ['+', ''] ]
params[:user][:phone] = replacements.each { |replacement| phone.gsub!(replacement[0], replacement[1]) }
super
end
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) do |u|
u.permit(:name, :surname, :patronymic, :username, :phone, :email, :password, :password_confirmation)
end
devise_parameter_sanitizer.for(:account_update) do |u|
u.permit(:name, :surname, :patronymic, :username, :phone, :email, :password, :password_confirmation, :current_password)
end
end
end
The problem is I can't change params[:user][:phone] because it unpermitted: Unpermitted parameters: phone. How can I change it after I get params? Thanks!

These aren't permitted because of Rails Strong Parameters. See the 'Strong Parameters' section in the Devise Github page.
Long story short, something like this should be placed into your ApplicationController, not the Devise controllers:
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :phone
end
end

How to add username field to devise gem?

Here is what I tried,
rails g migration add_username_to_hrs
bundle exec rake db:migrate
added the attr_accessible:username
restarted the server
My add_username_to_hr.rb
class AddUsernameToAuthorize < ActiveRecord::Migration
def change
add_column :authorizes, :username, :string
end
end
Error
undefined method `username' for #
Question: How can I add a username field in my devise gem?

Answer is now outdated [ Valid for rails4 ]
I have done the same. Please follow these steps:
rails generate migration add_username_to_users username:string:uniq
rake db:migrate
add attr_accessible :username
in application_controller.rb:
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :password, :password_confirmation, :remember_me) }
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:login, :username, :email, :password, :remember_me) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:username, :email, :password, :password_confirmation, :current_password) }
end
in config/initializers if you want to replace email by usernname
config.authentication_keys = [ :username ]
config.case_insensitive_keys = [ :username ]
config.strip_whitespace_keys = [ :username ]
update the views.
Note if attr_accessible :usernamegives error try attr_accessor :username

If you are using rails 4 then put below code in application controller
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) << :username
end
end

If you are using rails 4 then follow this steps:
rails g migration AddUserNameToAuthorize
rake db:migrate
put this code in application_controller.rb to accept username parameter for sign_in, sign_up and also for account_update:
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:email, :password,:username) }
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation,:username) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:email, :password, :password_confirmation,:username) }
end
end

Devise actually add the field to model which you specified during devise setup. If You have add migration to that model. For example, you have used devise for user model, then you can generate migration for adding the username to user model and run the db:migrate and add the attr_accessible :username to model, if you are using rails < 4

You have to add username in the model which you had given in below command
rails g devise <modelname>
Once you are done then you need to follow your above steps but need to modify devise configuration file to look for username for login instead of email. Then restart rails server and it should be fine.

source = https://github.com/heartcombo/devise
add username to your usermodel
db:migrate
and then past following in your ApplicationController:
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:username])
end
end
also this in your devise/registration/new.html.erb into the
<%= f.input :username,
required: true,
autofocus: true,
input_html: { autocomplete: "username" }%>
and you're good to go