Authlogic incorrect password validation errors - ruby-on-rails

I am getting this issue on my Ubuntu 14.04. I have Rails 4.1.8 and Ruby 2.1.2.
Last time I tried it on Mac OS X 10.10 with the same Rails and Ruby versions, I was able to create a user successfully. But when I try it on my Ubuntu 14.04, I get the following errors for the password field:
    Password is too short (minimum is 5 characters)
    Password confirmation doesn't match Password
It doesn't matter what the length of the password is, and I am sure that the password and password confirmation are the same. It seems like authlogic does not recognize my password field.
Here is my config:
    acts_as_authentic do |c|
      c.validates_length_of_password_field_options = { minimum: 5 }
      c.crypto_provider = Authlogic::CryptoProviders::BCrypt
      c.login_field = :email
    end
Note: authlogic also recognizes my email field as login_field, so I don't have any issues with the login field, only with password and password confirmation.
My password field's name in the DB is :crypted_password.
Can anybody please help me with this strange issue, or can anybody tell me how I can debug it to see why authlogic validation fails for the password?

I have fixed this issue. My form was like this:
    <div class="form-group">
      <%= f.label :crypted_password, 'Password' %><br>
      <%= f.password_field :crypted_password, class: 'form-control' %>
    </div>
And my user parameters in the controller were like this:
    params.require(:user).permit(:email, :crypted_password, :password_confirmation)
And it seems that authlogic did not recognize the crypted_password parameter as the password. When I removed the "crypted" from :crypted_password, it worked. I have no clue why it worked on Mac OS X, but now it works on my Ubuntu 14.04.

Related

Ruby On Rails testing User Model with RSpec - password and password_confirmation doesn't work properly

It's my first post. I have started to learn Ruby and the Ruby on Rails framework.
I want to test the User model with RSpec and I have a problem with passing validation of password and password_confirmation.
Code: https://github.com/paw3lgora/gCMS/blob/master/spec/models/user_spec.rb
I have a problem with the line: it { should validate_confirmation_of(:password) }
I don't want to use the devise gem or the has_secure_password method from BCrypt because I am learning Ruby and I want to implement my authentication systems from scratch and add Argon2 in the future.
This gives me an error like:
    1) User validation password should validate that
       :password_confirmation matches :password
       Failure/Error: it { should validate_confirmation_of(:password) }
         User did not properly validate that :password_confirmation matches
         :password.
           After setting :password_confirmation to ‹"some value"›, then setting
           :password to ‹"different value"›, the matcher expected the User to be
           invalid and to produce the validation error "doesn't match Password"
           on :password_confirmation. The record was indeed invalid, but it
           produced these validation errors instead:
           * name: ["Nazwa użytkownika nie może być pusta.", "Nazwa użytkownika
             jest za krótka. Minimum 2 znaki."]
           * email: ["Nie podałeś emaila.", "Email jest za krótki. Minimum 5
             znaków.", "Podałeś złą nazwę użytkownika."]
           * password_confirmation: ["Hasła nie pasują do siebie."]
       # ./spec/models/user_spec.rb:27:in `block (4 levels) in <top (required)>'
Help me guys! :)
If you read the whole message carefully you'll see:
    The record was indeed invalid, but it
    produced these validation errors instead:
This means that the validation failed, but the matcher expects the validation errors to be exactly as specified. And there were more.
You have two options:
- add all failed validation expectations in your spec
- prepare the user object in such a way that :name and :email are valid.

Gibbon::GibbonError at /visitors You must set an api_key prior to making a call

Running OSX Mavericks, ruby 2.1.1p76 (2014-02-24 revision 45161) [x86_64-darwin13.0], rvm 1.25.23 (master), and rails-4.1.0 (allegedly)
I'm working through the railsapps.org book on learning Rails. I have finished implementing the mailchimp email list code, and when I press submit on my form, I get the following error:
    Gibbon::GibbonError at /visitors
    You must set an api_key prior to making a call
I was working through an invalid URI error, and it mysteriously disappeared over the weekend (I haven't touched the Mac since last Friday). Now I have this new error.
My API Key and List ID are valid and properly set. If I look back in the log, I see another error that the mailchimp.lists.subscribe method is missing.
Here's the code as implemented from the book:
    class Visitor < ActiveRecord::Base
      has_no_table
      column :email, :string
      validates_presence_of :email
      validates_format_of :email, :with => /\A[-a-z0-9_+\.]+\@([-a-z0-9]+\.)+[a-z0-9]{2,4}\z/i

      # Subscribe this visitor's address to the configured MailChimp list.
      def subscribe
        mailchimp = Gibbon::API.new
        result = mailchimp.lists.subscribe({
          :id => Rails.application.secrets.mailchimp_list_id,
          :email => {:email => self.email},
          :double_optin => false,
          :update_existing => true,
          :send_welcome => true
        })
        Rails.logger.info("Subscribed #{self.email} to MailChimp") if result
      end
    end
I hate being a noob when I can't debug for myself... Replies are appreciated.
Regards,
Jeff
Gibbon automatically looks for the environment variable MAILCHIMP_API_KEY and Gibbon will use it when you create an instance. If you haven't set a Unix env variable MAILCHIMP_API_KEY, you will need to set it explicitly. To hardcode it:
    mailchimp = Gibbon::API.new("your_api_key")
Or obtain it from the config/secrets.yml file:
    mailchimp = Gibbon::API.new(Rails.application.secrets.mailchimp_api_key)

Devise "Confirmation token is invalid" when user signs up

Using Rails 4 and Devise 3.1.0 on my web app. I wrote a Cucumber test to test user sign up; it fails when the "confirm my account" link is clicked from the e-mail.
    Scenario: User signs up with valid data # features/users/sign_up.feature:9
      When I sign up with valid user data # features/step_definitions/user_steps.rb:87
      Then I should receive an email # features/step_definitions/email_steps.rb:51
      When I open the email # features/step_definitions/email_steps.rb:76
      Then I should see the email delivered from "no-reply@mysite.com" # features/step_definitions/email_steps.rb:116
      And I should see "You can confirm your account email through the link below:" in the email body # features/step_definitions/email_steps.rb:108
      When I follow "Confirm my account" in the email # features/step_definitions/email_steps.rb:178
      Then I should be signed in # features/step_definitions/user_steps.rb:142
        expected to find text "Logout" in "...Confirmation token is invalid..." (RSpec::Expectations::ExpectationNotMetError)
        ./features/step_definitions/user_steps.rb:143:in `/^I should be signed in$
This error is reproducible when I sign up manually through the web server as well, so it doesn't appear to be a Cucumber issue.
I would like:
- The user to be able to one-click confirm their account through this e-mail's link
- Have the user stay signed in after confirming their account
I have setup:
- The latest Devise code, from GitHub (3.1.0, ref 041fcf90807df5efded5fdcd53ced80544e7430f)
- A User class that implements confirmable
- Using the 'default' confirmation controller (I have not defined my own custom one.)
I have read these posts:
- Devise confirmation_token is invalid
- Devise 3.1: Now with more secure defaults
- GitHub Issue - Devise confirmation_token invalid
And have tried:
- Setting config.allow_insecure_tokens_lookup = true in my Devise initializer, which throws an 'unknown method' error on startup. Plus it sounds like this is only supposed to be a temporary fix, so I'd like to avoid using it.
- Purged my DB and started from scratch (so no old tokens are present)
Update:
Checking the confirmation token stored on the User after registering: the email's token matches the DB's token. According to the posts above, under the new Devise behavior it is not supposed to; instead it should generate a second token based on the e-mail's token. This is suspicious. Running User.confirm_by_token('[EMAIL_CONFIRMATION_TOKEN]') returns a User who has errors set "@messages={:confirmation_token=>["is invalid"]}", which appears to be the source of the issue.
Mismatching tokens seems to be the heart of the issue; running the following code in console to manually change the User's confirmation_token causes confirmation to succeed:
    new_token = Devise.token_generator.digest(User, :confirmation_token, '[EMAIL_TOKEN]')
    u = User.first
    u.confirmation_token = new_token
    u.save
    User.confirm_by_token('[EMAIL_TOKEN]') # Succeeds
So why is it saving the wrong confirmation token to the DB in the first place? I am using a custom registration controller... maybe there's something in it that causes it to be set incorrectly?
routes.rb:
    devise_for :users,
      :path => '',
      :path_names => {
        :sign_in => 'login',
        :sign_out => 'logout',
        :sign_up => 'register'
      },
      :controllers => {
        :registrations => "users/registrations",
        :sessions => "users/sessions"
      }
users/registrations_controller.rb:
    class Users::RegistrationsController < Devise::RegistrationsController
      def create
        # Custom code to fix DateTime issue
        Utils::convert_params_date_select params[:user][:profile_attributes], :birthday, nil, true
        super
      end

      def sign_up_params
        # TODO: Still need to fix this. Strong parameters with nested attributes not working.
        # Permitting all is a security hazard.
        params.require(:user).permit!
        #params.require(:user).permit(:email, :password, :password_confirmation, :profile_attributes)
      end
      private :sign_up_params
    end
So upgrading to Devise 3.1.0 left some 'cruft' in a view that I hadn't touched in a while.
According to this blog post, you need to change your Devise mailer to use @token instead of the old @resource.confirmation_token.
Find this in app/views/<user>/mailer/confirmation_instructions.html.erb and change it to something like:
    <p>Welcome <%= @resource.email %>!</p>
    <p>You can confirm your account email through the link below:</p>
    <p><%= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @token) %></p>
This should fix any token-based confirmation problems you're having. This is likely to fix any unlock or reset password token problems as well.
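The mismatch this answer fixes, modelled as an added example (not Devise's code and not from the original posts): under the Devise 3.1 behaviour described in the question, the e-mail carries a raw token and the database stores only a keyed digest of it, so a mailer template that sends the stored column can never confirm. `SERVER_KEY`, `TokenStore`, `digest_token`, `run_demo` and the sample address are constructed for illustration.

```ruby
require "openssl"
require "securerandom"

# Constructed stand-in for the application's secret key (assumption).
SERVER_KEY = "constructed-demo-key-not-a-real-secret"

# Keyed digest of a raw token; only this value is persisted.
def digest_token(raw)
  OpenSSL::HMAC.hexdigest("SHA256", SERVER_KEY, raw.to_s)
end

# Hypothetical in-memory replacement for the users table.
class TokenStore
  def initialize
    @email_by_digest = {}
  end

  # Returns [raw, stored]: raw belongs in the e-mail link, stored in the DB.
  def issue(email)
    raw = SecureRandom.urlsafe_base64(15)
    stored = digest_token(raw)
    @email_by_digest[stored] = email
    [raw, stored]
  end

  # Digest whatever arrived in the link, then look that digest up.
  # Returns the confirmed e-mail address, or nil ("token is invalid").
  def confirm(token_from_link)
    @email_by_digest[digest_token(token_from_link)]
  end
end

def run_demo
  store = TokenStore.new
  raw, stored = store.issue("user@example.test")
  {
    raw_differs_from_stored: raw != stored,
    # Template sends the raw token (@token): lookup succeeds.
    raw_link: store.confirm(raw),
    # Template sends the stored column (@resource.confirmation_token):
    # it is digested a second time and matches nothing. The same property
    # makes a token read out of the database useless as a link.
    stored_link: store.confirm(stored)
  }
end

p run_demo if $PROGRAM_NAME == __FILE__
```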
A friend of mine just found this question and emailed me asking if I had figured this out, which reminded me that I never submitted my own answer, so here goes :)
I ended up resetting the token & using send to get the raw token. It's ugly, but it works in a pinch for devise (3.5.1).
    it "should auto create org" do
      email = FG.generate :email
      visit new_user_registration_path
      fill_in :user_name, with: 'Ryan Angilly'
      fill_in :user_user_provided_email, with: email
      fill_in :user_password, with: '1234567890'

      expect do
        click_button 'Continue'
      end.to change { Organization.count }.by(1)

      expect(page.current_path).to eq(confirmation_required_path)
      u = User.where(email: email).first
      # Regenerate the token and read the raw (undigested) value for the link.
      u.send :generate_confirmation_token
      email_token = u.instance_variable_get(:@raw_confirmation_token)
      u.save!
      os = u.organizations
      expect(os.size).to eq(1)
      visit user_confirmation_path(confirmation_token: email_token)
      o = os.first

      u.reload
      # expect(...) without a matcher asserts nothing, so check the value explicitly.
      expect(u.confirmed?).to be(true)
      expect(page.current_url).to eq(organization_getting_started_url(o))
    end
As of devise 3.5.2, the confirmation token is no longer digested during the confirmation process. This means that the token in the email will match the token in the database.
I was still having trouble with confirmations after figuring this out, but in my case it turned out to be a bug I introduced when I overrode find_first_by_auth_conditions. By fixing the bug I introduced in that method, I fixed my errors with confirmation.

Devise when login strip whitespaces around password

I'd like to let devise strip leading and trailing whitespace around the user's password.
So I changed in devise.rb
    config.strip_whitespace_keys = [ :email ]
to
    config.strip_whitespace_keys = [ :email, :password ]
as suggested by the documentation.
I restarted the server, but only the email is stripped.
Even if I remove :email from that config, the email is still stripped, but the password isn't.
rails is 3.2.12, devise is 2.1.3
Thanks in advance for any hint.
Add this in the User model:
    alias :orig_valid_password? :valid_password?

    def valid_password?(password)
      orig_valid_password?(password.strip)
    end

How do you add an administrator in a rails 3 application

I have just built a rails 3 application by using Mike Hartl's "Learn Rails by Example". I am ready to deploy it but I am confused about how to add the administrator to the application. I will be the only administrator. Will the administrator be added before deployment, and if so, how do I do this?
What I believe you need when you talk about an "administrator account" is in fact two different things: authentication (the login) & authorization (what a login can/cannot do).
Under rails, one way to do that is by using two different gems. I suggest you have a look at devise, and cancan. They have both been developed and are actively maintained by rails superstars: José Valim and Ryan Bates.
The tutorial doesn't actually go through creating an interface where you can create admins. If you want to test the part where you're not allowed to delete other administrator accounts, you can test it with faker by adding 2 admins to the sample_data.rake file:
    def make_users
      admin = User.create!(:name => "Example User",
                           :email => "example@railstutorial.org",
                           :password => "foobar",
                           :password_confirmation => "foobar")
      admin.toggle!(:admin)
      admin2 = User.create!(:name => "Example User2",
                            :email => "example2@railstutorial.org",
                            :password => "foobar",
                            :password_confirmation => "foobar")
      # Toggle the second account; toggling admin again would clear its flag.
      admin2.toggle!(:admin)
      99.times do |n|
        name = Faker::Name.name
        email = "example-#{n+1}@railstutorial.org"
        password = "password"
        User.create!(:name => name,
                     :email => email,
                     :password => password,
                     :password_confirmation => password)
      end
    end
If you want to add an admin to production, I'm guessing you could create your account and toggle the admin function with a database editor and then push the db to the production server? That's what I would do but I'm by no means an expert.
For the admin control panel on my web apps I'm using the typus gem: https://github.com/fesplugas/typus/
It will generate an admin page, and by default typus will use your model's default_scope to fetch data.
I'm busy with the same thing!
I found this on STACK:
    rails c
    Loading development environment (Rails 3.0.0.beta3)
    irb(main):001:0> admin = Admin.create! do |u|
    irb(main):002:1* u.email = 'sample@sample.com'
    irb(main):003:1> u.password = 'password'
    irb(main):004:1> u.password_confirmation = 'password'
    irb(main):005:1> end
I changed the Admin to User, but the problem is it creates a normal user not an admin user. Somewhere we need to put in - admin.toggle!(:admin) or make it true. I'll let you know if I find anything else.
