I have installed devise gem in my app for registration. I have same issue like this question
I have generated Doctor model by
rails generate devise Doctor
And here is doctor.rb
class Doctor < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
end
I also generated controller by rails generate devise:controllers doctors
class Doctors::RegistrationsController < Devise::RegistrationsController
before_filter :sign_up_params, only: [:create]
before_filter :account_update_params, only: [:update]
#
# # GET /resource/sign_up
# def new
# super
# end
##
## # POST /resource
# def create
# super
# end
##
## # GET /resource/edit
# def edit
# super
# end
##
## # PUT /resource
# def update
# super
# end
##
## # DELETE /resource
# def destroy
# super
# end
protected
def sign_up_params
params.require(:doctor).permit(:first_name, :last_name, :email, :password, :password_confirmation, :gender, :contact_no, :about_me, :certification, :exp_summary, :username)
end
#
def account_update_params
params.require(:doctor).permit(:first_name, :last_name, :email, :password, :password_confirmation, :current_password , :gender, :contact_no, :about_me, :certification, :exp_summary, :username)
end
# protected
# You can put the params you want to permit in the empty array.
#def configure_sign_up_params
# devise_parameter_sanitizer.for(:sign_up) << :first_name, :last_name, :gender, :contact_no, :about_me, :certification, :exp_summary, :username
#end
# You can put the params you want to permit in the empty array.
#def configure_account_update_params
# devise_parameter_sanitizer.for(:account_update) << :first_name, :last_name, :gender, :contact_no, :about_me, :certification, :exp_summary, :username
#end
# The path used after sign up.
# def after_sign_up_path_for(resource)
# super(resource)
# end
# The path used after sign up for inactive accounts.
# def after_inactive_sign_up_path_for(resource)
# super(resource)
# end
end
I have written in routes.rb file devise_for :doctor, :controllers => { sessions: "doctors/sessions"}.
Here is my logs from terminal after submitting Sign_up form
Started POST "/doctor" for 127.0.0.1 at 2014-12-04 16:52:20 +0530
Processing by Devise::RegistrationsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"8Dd5u5Qq+kLyAI+RaEuoSyjsxteHw4VBndQC+W5yjy0=", "doctor"=>{"username"=>"Test5", "first_name"=>"John", "last_name"=>"Smith", "contact_no"=>"8787878787", "gender"=>"true", "email"=>"john#smith.com", "about_me"=>"Test", "certification"=>"Test", "exp_summary"=>"Test", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Sign up"}
Unpermitted parameters: username, first_name, last_name, contact_no, gender, about_me, certification, exp_summary
(0.2ms) BEGIN
Doctor Exists (0.3ms) SELECT 1 AS one FROM `doctors` WHERE `doctors`.`email` = BINARY 'john#smith.com' LIMIT 1
SQL (0.2ms) INSERT INTO `doctors` (`created_at`, `email`, `encrypted_password`, `updated_at`) VALUES ('2014-12-04 11:22:20', 'john#smith.com', '$2a$10$as.WAOu05ET7RUtnsdTC2ucqotK5Ls2Z6iKWI.wW3gSuIwohYfoTW', '2014-12-04 11:22:20')
(116.8ms) COMMIT
(0.1ms) BEGIN
SQL (0.3ms) UPDATE `doctors` SET `current_sign_in_at` = '2014-12-04 11:22:20', `current_sign_in_ip` = '127.0.0.1', `last_sign_in_at` = '2014-12-04 11:22:20', `last_sign_in_ip` = '127.0.0.1', `sign_in_count` = 1, `updated_at` = '2014-12-04 11:22:20' WHERE `doctors`.`id` = 7
(56.6ms) COMMIT
Redirected to http://localhost:3000/
Completed 302 Found in 254ms (ActiveRecord: 174.5ms)
Started GET "/" for 127.0.0.1 at 2014-12-04 16:52:20 +0530
Processing by HomeController#index as HTML
Doctor Load (0.3ms) SELECT `doctors`.* FROM `doctors` WHERE `doctors`.`id` = 7 ORDER BY `doctors`.`id` ASC LIMIT 1
Rendered home/index.html.erb within layouts/application (0.0ms)
Completed 200 OK in 32ms (Views: 30.5ms | ActiveRecord: 0.3ms)
Started GET "/assets/application.css?body=1" for 127.0.0.1 at 2014-12-04 16:52:20 +0530
Started GET "/assets/home.css?body=1" for 127.0.0.1 at 2014-12-04 16:52:20 +0530
Started GET "/assets/jquery.js?body=1" for 127.0.0.1 at 2014-12-04 16:52:20 +0530
Started GET "/assets/jquery_ujs.js?body=1" for 127.0.0.1 at 2014-12-04 16:52:20 +0530
Started GET "/assets/turbolinks.js?body=1" for 127.0.0.1 at 2014-12-04 16:52:20 +0530
Started GET "/assets/application.js?body=1" for 127.0.0.1 at 2014-12-04 16:52:20 +0530
Started GET "/assets/home.js?body=1" for 127.0.0.1 at 2014-12-04 16:52:20 +0530
Why my custom fields are not saved? Where I do mistake?
Update
Controller Structure:
controllers
-> doctors
-> confirmations_controller.rb
-> omniauth_callbacks_controller.rb
-> passwords_controller.rb
-> registrations_controller.rb
-> sessions_controller.rb
-> unlocks_controller.rb
-> application_controller.rb
-> home_controller.rb
EDITED:
Okay! You were trying to override the devise controllers which is not required in your case. Follow these simple steps:
rails g model Doctor
Create your fields except email and password. Devise will take care of that.
rails g devise:install
rails g devise Doctor
In your ApplicationController:
before_action :configure_permitted_parameters, if: :devise_controller?
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :address, :phone, :email) }
end
Please try to do like following. Hopes it work for you. :)
class RegistrationsController < Devise::RegistrationsController
def create
devise_parameter_sanitizer.for(:sign_up) << [:first_name, :last_name]
super
end
end
Related
I am new to Rails and stuck over here..could you please help me to solve this.
console
Started POST "/users/sign_in" for ::1 at 2020-03-25 11:46:10 +0530
Processing by Users::SessionsController#create as HTML
Parameters: {"authenticity_token"=>"seSNKhVVbrFM+XALvQExwMNxI1KY74or3Cy6Y0wYnU7RLjC6uuaM057jKmQ73a0g84qQNnOVREL0RZ6AuarGQA==", "user"=>{"email"=>"yadu#g.com", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Log in"}
================================
User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."email" = ? ORDER BY "users"."id" ASC LIMIT ? [["email", "yadu#g.com"], ["LIMIT", 1]]
↳ app/controllers/users/sessions_controller.rb:16:in `create'
Completed 401 Unauthorized in 248ms (ActiveRecord: 0.3ms | Allocations: 1519)
Started GET "/users/sign_in" for ::1 at 2020-03-25 11:46:10 +0530
Processing by Users::SessionsController#new as HTML
Rendering devise/sessions/new.html.erb within layouts/application
Rendered devise/shared/_links.html.erb (Duration: 1.0ms | Allocations: 525)
sessions_controller.rb
class Users::SessionsController < Devise::SessionsController
before_action :configure_sign_in_params, only: [:create]
# GET /resource/sign_in
def new
super
end
# POST /resource/sign_in
def create
logger.debug "================================ #{configure_sign_in_params}"
super
end
# DELETE /resource/sign_out
def destroy
super
end
private
# If you have extra params to permit, append them to the sanitizer.
def configure_sign_in_params
devise_parameter_sanitizer.permit(:sign_in) { |u| u.permit( :email, :password ) }
# params.require(:user).permit(:email, :password, :remember_me)
end
end
routes.rb
devise_for :users, controllers: { omniauth_callbacks: 'users/omniauth',sessions: 'users/sessions'}
resources :users
resources :product_categories
config/initializers/devise.rb
# Use this hook to configure devise mailer, warden hooks and so forth.
# Many of these configuration options can be set straight in your model.
Devise.setup do |config|
config.mailer_sender = 'please-change-me-at-config-initializers-devise#example.com'
config.case_insensitive_keys = [:email]
config.strip_whitespace_keys = [:email]
config.stretches = Rails.env.test? ? 1 : 11
config.reconfirmable = true
# Invalidates all the remember me tokens when the user signs out.
config.expire_all_remember_me_on_sign_out = true
config.password_length = 6..128
config.email_regexp = /\A[^#\s]+#[^#\s]+\z/
config.timeout_in = 30.minutes
config.reset_password_within = 6.hours
config.omniauth :facebook, ENV['FACEBOOK_APP_ID'], ENV['FACEBOOK_APP_SECRET'], scope: 'public_profile,email'
config.omniauth :github, ENV['GITHUB_APP_ID'], ENV['GITHUB_APP_SECRET'], scope: 'user,public_repo'
config.omniauth :google_oauth2, ENV['GOOGLE_APP_ID'], ENV['GOOGLE_APP_SECRET'], scope: 'userinfo.email,userinfo.profile'
config.omniauth :twitter, ENV['TWITTER_APP_ID'], ENV['TWITTER_APP_SECRET']
end
Issue
I can register a user successfully, but cannot log in using that user. It shows 401 unautherized at the time. It appears that the parameter arrives in the configuration_sign_in_params method, but the return value of the configuration_sign_in_params method is empty.
All these issues are started from when i set login with social accounts ...Before that everything were fine .
I am trying to use devise_token_auth gem with API app on Rails 5.0.2.
I installed gem typically as mentioned on https://github.com/lynndylanhurley/devise_token_auth, so added to Gemfile, bundled and installed on User model. The problem is that, I don't want to use authentification (registration and login) with email. I just want to use telephone number instead (of course POST including with password and password_confirmation).
I added column :telephone_number, which will be unique to users table. And procced required steps to achieve this. https://github.com/plataformatec/devise/wiki/How-To:-Allow-users-to-sign-in-with-something-other-than-their-email-address
So this is what it looks like in code.
devise.rb
Devise.setup do |config|
...
config.authentication_keys = [ :telephone_number ]
config.case_insensitive_keys = [ :telephone_number ]
config.strip_whitespace_keys = [ :telephone_number ]
...
user.rb
class User < ActiveRecord::Base
# Include default devise modules.
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable,
:omniauthable, :authentication_keys => [:telephone_number]
include DeviseTokenAuth::Concerns::User
def email_required?
false
end
def email_changed?
false
end
application_controller.rb
class ApplicationController < ActionController::API
include DeviseTokenAuth::Concerns::SetUserByToken
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
added_attrs = [:telephone_number, :password, :password_confirmation, :remember_me]
devise_parameter_sanitizer.permit :sign_up, keys: added_attrs
devise_parameter_sanitizer.permit :account_update, keys: added_attrs
end
end
Server is starting properly, no exception is given. But when I test registration with RESTfull services POST on /auth it gives me validation error, that email can't be blank.
{"status":"error","data":{"id":null,"provider":"email","uid":"",
"name":null,"nickname":null,"image":null,"email":null,
"created_at":null,"updated_at":null,"telephone_number":"0123456789"},
"errors":{"email":["can't be blank","is not an email"],
"full_messages":["Email can't be blank","Email is not an email"]}}
EDIT:
Log from Puma
Started POST "/auth?=" for 127.0.0.1 at 2017-04-24 15:17:13 +0200
Processing by DeviseTokenAuth::RegistrationsController#create as */*
Parameters: {"telephone_number"=>"0123456789", "password"=>"[FILTERED]",
"password_confirmation"=>"[FILTERED]", "registration"=>{"telephone_number"=>"0123456789",
"password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}}
Unpermitted parameter: registration
Unpermitted parameter: registration
Unpermitted parameter: registration
(0.3ms) BEGIN
SQL (0.9ms) INSERT INTO "users" ("encrypted_password", "tokens", "created_at",
"updated_at", "telephone_number") VALUES ($1, $2, $3, $4, $5) RETURNING "id"
[["encrypted_password", "$2a$10$PgCIPAGA1VH1erHvJX5Sg.f4IPmSyfSoVM3EVbKtHkbgeUvEGL5NG"],
["tokens", "{}"], ["created_at", 2017-04-24 13:17:13 UTC], ["updated_at", 2017-04-24 13:17:13 UTC],
["telephone_number", "0123456789"]]
(0.2ms) ROLLBACK
Completed 422 Unprocessable Entity in 139ms (Views: 10.5ms | ActiveRecord: 1.3ms)
Reply on POST /auth
{"status":"error","data":{"id":null,"provider":"email","uid":"",
"name":null,"nickname":null,"image":null,"email":null,
"created_at":"2017-04-24T13:17:13.904Z","updated_at":"2017-04-24T13:17:13.904Z",
"telephone_number":"0123456789"},"errors":["An account already exists for ''"]}
It is checking and validating email, which currently is "", so no account could be registered through.
Is there any config property I should add, or override some method ?
Thank you in advance.
I am using devise for my authentication .On sign up page devise is giving 3 fields and I am trying to add an extra field file_field ..But it is giving me error.I am using carrier wave for file uploading .Also I have a attachment column in my users table but the file is not inserting. I am getting error on console. Unpermitted parameters: attachment.Here is my code can anyone help me in resolving this
[console]
Started POST "/users" for 127.0.0.1 at 2016-02-12 12:15:32 +0530
Processing by Devise::RegistrationsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"M6F9ME0zJkAxyHPETI8qmCf4a8u8bn4wTmZI0v5xtPQ=", "user"=>{"email"=>"aniketshivam#gmail.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "attachment"=>#<ActionDispatch::Http::UploadedFile:0x000000040ed928 #tempfile=#<Tempfile:/tmp/RackMultipart20160212-13081-16e7tyg>, #original_filename="73273_773684942011_4_40639956_2125564_n.jpg", #content_type="image/jpeg", #headers="Content-Disposition: form-data; name=\"user[attachment]\"; filename=\"73273_773684942011_4_40639956_2125564_n.jpg\"\r\nContent-Type: image/jpeg\r\n">}, "commit"=>"Sign up"}
Unpermitted parameters: attachment
(0.1ms) BEGIN
User Exists (0.6ms) SELECT 1 AS one FROM `users` WHERE `users`.`email` = BINARY 'aniketshivam#gmail.com' LIMIT 1
SQL (0.3ms) INSERT INTO `users` (`created_at`, `email`, `encrypted_password`, `updated_at`) VALUES ('2016-02-12 06:45:32', 'aniketshivam#gmail.com', '$2a$10$kFDcpyXr1l9Mv7epJY3UMOrq9zyOInuQFQMVcqz34nHxvB.rNGk0C', '2016-02-12 06:45:32')
(34.2ms) COMMIT
(0.1ms) BEGIN
SQL (0.3ms) UPDATE `users` SET `current_sign_in_at` = '2016-02-12 06:45:32', `current_sign_in_ip` = '127.0.0.1', `last_sign_in_at` = '2016-02-12 06:45:32', `last_sign_in_ip` = '127.0.0.1', `sign_in_count` = 1, `updated_at` = '2016-02-12 06:45:32' WHERE `users`.`id` = 6
(40.8ms) COMMIT
Redirected to http://localhost:3000/posts
Completed 302 Found in 183ms (ActiveRecord: 76.3ms)
Started GET "/posts" for 127.0.0.1 at 2016-02-12 12:15:32 +0530
Processing by PostsController#index as HTML
User Load (0.4ms) SELECT `users`.* FROM `users` WHERE `users`.`id` = 6 ORDER BY `users`.`id` ASC LIMIT 1
User Load (0.7ms) SELECT `users`.* FROM `users` WHERE `users`.`id` = 6 LIMIT 1
Post Load (0.7ms) SELECT `posts`.* FROM `posts` WHERE `posts`.`user_id` = 6 ORDER BY created_at DESC LIMIT 5 OFFSET 0
Rendered posts/index.html.erb within layouts/application (2.9ms)
<br>
[registration_controller]
class Users::RegistrationsController < Devise::RegistrationsController
# before_filter :configure_sign_up_params, only: [:create]
# before_filter :configure_account_update_params, only: [:update]
# GET /resource/sign_up
# def new
# super
# end
# POST /resource
# def create
# super
# end
# GET /resource/edit
# def edit
# super
# end
# PUT /resource
# def update
# super
# end
# DELETE /resource
# def destroy
# super
# end
# GET /resource/cancel
# Forces the session data which is usually expired after sign
# in to be expired now. This is useful if the user wants to
# cancel oauth signing in/up in the middle of the process,
# removing all OAuth session data.
# def cancel
# super
# end
# protected
# If you have extra params to permit, append them to the sanitizer.
def configure_sign_up_params
devise_parameter_sanitizer.for(:sign_up).permit(:attachment)
end
# If you have extra params to permit, append them to the sanitizer.
# def configure_account_update_params
# devise_parameter_sanitizer.for(:account_update) << :attribute
# end
# The path used after sign up.
# def after_sign_up_path_for(resource)
# super(resource)
# end
# The path used after sign up for inactive accounts.
# def after_inactive_sign_up_path_for(resource)
# super(resource)
# end
end
[user.rb]
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
has_many :posts
has_many :comments
mount_uploader :attachment, AttachmentUploader
def self.find_role(id)
User.find(id).roles
end
end
[registrations/new.html.erb]
<h2>Sign up</h2>
<%= form_for(resource, as: resource_name,html: { multipart: true } ,url: registration_path(resource_name)) do |f| %>
<%= devise_error_messages! %>
<div><%= f.label :email %><br />
<%= f.email_field :email, autofocus: true %></div>
<div><%= f.label :password %> <% if #validatable %><i>(<%= #minimum_password_length %> characters minimum)</i><% end %><br />
<%= f.password_field :password, autocomplete: "off" %></div>
<div><%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation, autocomplete: "off" %></div>
<br/>
<div >
<%= f.file_field :attachment %>
</div>
<div><%= f.submit "Sign up" %></div>
<% end %>
<%= render "devise/shared/links" %>
[attachment_uploader.rb]
# encoding: utf-8
class AttachmentUploader < CarrierWave::Uploader::Base
# Include RMagick or MiniMagick support:
# include CarrierWave::RMagick
# include CarrierWave::MiniMagick
# Choose what kind of storage to use for this uploader:
storage :file
# storage :fog
# Override the directory where uploaded files will be stored.
# This is a sensible default for uploaders that are meant to be mounted:
def store_dir
"uploadsss/post/#{model.id}"
end
# Provide a default URL as a default if there hasn't been a file uploaded:
# def default_url
# # For Rails 3.1+ asset pipeline compatibility:
# # ActionController::Base.helpers.asset_path("fallback/" + [version_name, "default.png"].compact.join('_'))
#
# "/images/fallback/" + [version_name, "default.png"].compact.join('_')
# end
# Process files as they are uploaded:
# process :scale => [200, 300]
#
# def scale(width, height)
# # do something
# end
# Create different versions of your uploaded files:
# version :thumb do
# process :resize_to_fit => [50, 50]
# end
# Add a white list of extensions which are allowed to be uploaded.
# For images you might use something like this:
# def extension_white_list
# %w(jpg jpeg gif png)
# end
# Override the filename of the uploaded files:
# Avoid using model.id or version_name here, see uploader/store.rb for details.
# def filename
# "something.jpg" if original_filename
# end
end
Try following in registration_controller
before_filter :configure_sign_up_params
def configure_sign_up_params
devise_parameter_sanitizer.for(:sign_up).push(:attachment)
end
I'm using a customised devise sessions controller to manage my user sessions, however whenever I try sign in as an existing user, my log in functionality doesnt work, it just returns the sign in form, and the server returns this message:
Started POST "/users/sign_in" for 127.0.0.1 at 2015-10-27 13:19:46 +0200
ActiveRecord::SchemaMigration Load (0.4ms) SELECT "schema_migrations".* FROM "schema_migrations"
Processing by Users::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"lLtGottAklgEmCS2Y04FFZw3vAtd6EHkKOQMBCOJ4B6yeuFvN34j4OhYz9vd0SzW+gAwCI7GobMs20ubug24Fw==", "user"=>{"cell_number"=>"0798900606", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Log in"}
User Load (0.6ms) SELECT "users".* FROM "users" WHERE "users"."cell_number" = $1 LIMIT 1 [["cell_number", "0798900606"]]
Completed 401 Unauthorized in 45ms (ActiveRecord: 2.5ms)
Processing by Users::SessionsController#new as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"lLtGottAklgEmCS2Y04FFZw3vAtd6EHkKOQMBCOJ4B6yeuFvN34j4OhYz9vd0SzW+gAwCI7GobMs20ubug24Fw==", "user"=>{"cell_number"=>"0798900606", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Log in"}
Rendered users/sessions/new.html.slim within layouts/application (60.1ms)
Rendered application/_analytics.html.slim (4.7ms)
Rendered application/_environment_indicator.html.slim (2.5ms)
Rendered application/_preloader.html.slim (2.4ms)
Rendered application/_flashes.html.slim (3.7ms)
Category Load (0.7ms) SELECT "categories".* FROM "categories" WHERE "categories"."uuid" IS NULL LIMIT 1
Completed 200 OK in 746ms (Views: 660.3ms | ActiveRecord: 0.7ms)
My Sessions Controller looks like this:
class Users::SessionsController < Devise::SessionsController
before_action :configure_sign_in_parameters
def new
super
end
def create
#user = User.find_by(cell_number: params[:user][:cell_number])
super
end
private
def after_sign_in_path_for(resource)
root_path
end
def configure_sign_in_parameters
devise_parameter_sanitizer.for(:sign_in).push(:cell_number, :password)
end
end
My routes look like this:
Rails.application.routes.draw do
### Admin
devise_for :admin_users, ActiveAdmin::Devise.config
ActiveAdmin.routes(self)
### User
devise_for :users, controllers: { :registrations => "users/registrations",
:sessions => "users/sessions",
:passwords => "users/passwords" }
devise_scope :user do
namespace :vodacom do
namespace :users do
get "/register", to: 'registrations#new'
get "/create", to: 'registrations#create'
end
end
end
end
And my sign in form looks like this:
h2 Normal Log in
= simple_form_for #user, url: user_session_path(#user) do |f|
div class="form-inputs"
= f.input :cell_number, required: true, autofocus: true
= f.input :password, required: true
= f.input :remember_me, as: :boolean if devise_mapping.rememberable?
div class="form-actions"
= f.button :submit, "Log in"
Any clue what i'm doing wrong? My application controller specifies that a user should be authenticated before any action.
I figured out what I was doing wrong, my user model does not have an email attribute, rather it has a cell_number attribute. So since i'm using devise, devise defaults "email" as the authentication key for the model. In order to fix this i had to specify cell_number as an authentication key in my User model:
devise :database_authenticatable,
:registerable,
:recoverable,
:rememberable,
:registerable,
:authentication_keys => [:cell_number]
After bundle update I cannot login to my Activeadmin, here is the log.
Is it because the unpermitted params? do I need to config strong parameter to make admin login work? I already have this code for devise:
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:email, :password, :remember_me) }
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :password) }
end
Started POST "/admin/login" for 127.0.0.1 at 2013-10-30 22:33:25 +1300
Processing by ActiveAdmin::Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"MhoM/R/oVfad/iiov2zpqfoJ5XOSLda6rTl/V2cMIZE=", "admin_user"=>{"email"=>"tester#iv.com", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Login"}
Completed 401 Unauthorized in 0.6ms
Processing by ActiveAdmin::Devise::SessionsController#new as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"MhoM/R/oVfad/iiov2zpqfoJ5XOSLda6rTl/V2cMIZE=", "admin_user"=>{"email"=>"tester#iv.com", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Login"}
Unpermitted parameters: email, password, remember_me
Rendered /home/jcui/.rvm/gems/ruby-1.9.3-p194/gems/activeadmin-0.6.2/app/views/active_admin/devise/shared/_links.erb (0.6ms)
Rendered /home/jcui/.rvm/gems/ruby-1.9.3-p194/gems/activeadmin-0.6.2/app/views/active_admin/devise/sessions/new.html.erb within layouts/active_admin_logged_out (118.2ms)
Completed 200 OK in 130.7ms (Views: 129.9ms | ActiveRecord: 0.0ms | Solr: 0.0ms)
I assume that devise configuration is in your ApplicationController. Did you include the before_filter call?
before_filter :configure_permitted_parameters, if: :devise_controller?
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:email, :password, :remember_me) }
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :password) }
end