I am using devise for authentication in my rails app.
I keep getting different errors like "undefined method XXXX for User:class".
Looking for some help to setup devise correctly.
I have the module database_authenticable setup for Users and I hit the error:
undefined method `params_authenticatable?' for User:Class
Its comming from the following devise code in lib/devise/strategies/authenticatable.rb
def params_authenticatable?
mapping.to.params_authenticatable?(authenticatable_name)
end
Here are my devise settings:
class User < ActiveRecord::Base
rolify
# Include default devise modules. Others available are:
# :token_authenticatable, :confirmable,
# :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :trackable, :validatable , :omniauthable, :omniauth_providers => [:linkedin]
.
.
end
class DeviseCreateUsers < ActiveRecord::Migration
def change
create_table(:users) do |t|
## Database authenticatable
t.string :email, :null => false, :default => ""
t.string :encrypted_password, :null => false, :default => ""
## Recoverable
t.string :reset_password_token
t.datetime :reset_password_sent_at
## Rememberable
t.datetime :remember_created_at
## Trackable
t.integer :sign_in_count, :default => 0
t.datetime :current_sign_in_at
t.datetime :last_sign_in_at
t.string :current_sign_in_ip
t.string :last_sign_in_ip
## Confirmable
# t.string :confirmation_token
# t.datetime :confirmed_at
# t.datetime :confirmation_sent_at
# t.string :unconfirmed_email # Only if using reconfirmable
## Lockable
# t.integer :failed_attempts, :default => 0 # Only if lock strategy is :failed_attempts
# t.string :unlock_token # Only if unlock strategy is :email or :both
# t.datetime :locked_at
## Token authenticatable
# t.string :authentication_token
t.timestamps
end
add_index :users, :email, :unique => true
add_index :users, :reset_password_token, :unique => true
# add_index :users, :confirmation_token, :unique => true
# add_index :users, :unlock_token, :unique => true
# add_index :users, :authentication_token, :unique => true
end
end
Mu authentication requirements are straightforward and I want to use Linkedin authentication and eventually allowing other omni auths as well.
I am wondering if I should use socery or something else for simple authentication
Thanks !
I am using Rails4.0
Related
I am using devise 4.8.1 with rails 7.0.3 and postgresql, I just started using devise, and I generated the views using rails g devise:views and then applied the migration using "rails db:migrate"
This is my user model:
class User < ApplicationRecord
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :validatable, :confirmable
has_many :posts, foreign_key: 'author_id'
has_many :comments, foreign_key: 'author_id'
has_many :likes, foreign_key: 'author_id'
attr_accessor :password, :password_confirmation
validates :name, presence: true
validates :PostsCounter, presence: true, numericality: { greater_than_or_equal_to: 0 }
def recent_posts
posts.order(created_at: :desc).limit(3)
end
end
This is the migration that I added:
# frozen_string_literal: true
class AddDeviseToUsers < ActiveRecord::Migration[7.0]
def self.up
change_table :users do |t|
## Database authenticatable
t.string :email, null: false, default: ""
t.string :encrypted_password, null: false, default: ""
## Recoverable
t.string :reset_password_token
t.datetime :reset_password_sent_at
## Rememberable
t.datetime :remember_created_at
## Trackable
# t.integer :sign_in_count, default: 0, null: false
# t.datetime :current_sign_in_at
# t.datetime :last_sign_in_at
# t.string :current_sign_in_ip
# t.string :last_sign_in_ip
## Confirmable
t.string :confirmation_token
t.datetime :confirmed_at
t.datetime :confirmation_sent_at
t.string :unconfirmed_email # Only if using reconfirmable
## Lockable
# t.integer :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
# t.string :unlock_token # Only if unlock strategy is :email or :both
# t.datetime :locked_at
# Uncomment below if timestamps were not included in your original model.
# t.timestamps null: false
end
add_index :users, :email, unique: true
add_index :users, :reset_password_token, unique: true
add_index :users, :confirmation_token, unique: true
# add_index :users, :unlock_token, unique: true
end
def self.down
# By default, we don't want to make any assumption about how to roll back a migration when your
# model already existed. Please edit below which fields you would like to remove in this migration.
raise ActiveRecord::IrreversibleMigration
end
end
This morning devise was working fine, when I sign up the password gets encrypted and then saved now when I sign up and then try to login it says invalid email/password, when I checked my PostgreSQL database I found out that nothing is getting saved in the encrypted_password column as shown in this picture, I tried searching online but couldn't find any solution, I also tried to reinstall the gems and nothing worked, I am not sure how to fix this issue, please assist me with this.
If you need any more information about my code please let me know.
Edit: I am not sure if it's okay to share this but this is my GitHub repository and branch that has the issue (the issue is only presented in that branch feature/devise), I tried to share some pieces of the code I have but it's better to see the project structure in my opinion.
Did you try creating user from the rails console? If it gets saved with encrypted password, there is nothing wrong in the code. If it does not, it will throw the error and you can debug from there?
I have been trying to add user login / authentication to my RoR site. I am using Devise.
Things work fine in my dev instance (I use Cloud9, in case useful).
However when I push to Heroku / production, for any page related to the user functionality (e.g. User Sign up, User login, or a page which checks if the user is logged in), it errors out. All Heroku gives me is:
NoMethodError (undefined method `to_sym' for nil:NilClass):
Just looking for some ideas on what could be happening?
user.rb:
class User < ApplicationRecord
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :validatable
enum role: [:user, :business, :admin]
after_initialize :set_default_role, :if => :new_record?
def set_default_role
self.role ||= :user
end
DeviseCreateUsers migration:
# frozen_string_literal: true
class DeviseCreateUsers < ActiveRecord::Migration[5.0]
def change
create_table :users do |t|
## Database authenticatable
t.string :email, null: false, default: ""
t.string :encrypted_password, null: false, default: ""
## Recoverable
t.string :reset_password_token
t.datetime :reset_password_sent_at
## Rememberable
t.datetime :remember_created_at
## Trackable
# t.integer :sign_in_count, default: 0, null: false
# t.datetime :current_sign_in_at
# t.datetime :last_sign_in_at
# t.string :current_sign_in_ip
# t.string :last_sign_in_ip
## Confirmable
# t.string :confirmation_token
# t.datetime :confirmed_at
# t.datetime :confirmation_sent_at
# t.string :unconfirmed_email # Only if using reconfirmable
## Lockable
# t.integer :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
# t.string :unlock_token # Only if unlock strategy is :email or :both
# t.datetime :locked_at
t.integer :role, default: 0
t.timestamps null: false
end
add_index :users, :email, unique: true
add_index :users, :reset_password_token, unique: true
# add_index :users, :confirmation_token, unique: true
# add_index :users, :unlock_token, unique: true
end
end
Many thanks!
I'm developing user sign in function with devise and devise-token-auth.
When I create test user record, and try to sign in, It's not working.
Server(localhost) returnd [Completed 401 Unauthorized].
I checked forrowing points.
stamped confirmed_at column
typo(password and email)
user.confirmed? => true
enviroment
Docker
ruby 2.7.2
rails (6.1.3.1)(API)
bcrypt (3.1.16)
devise (4.7.3)
devise_token_auth (1.1.5)
files
devise.rb
Devise.setup do |config|
config.mailer_sender = Rails.application.credentials.config[:smtp_settings][:user_name]
config.mailer = 'DeviseMailer'
require 'devise/orm/active_record'
config.case_insensitive_keys = [:email]
config.strip_whitespace_keys = [:email]
config.http_authenticatable_on_xhr = true
config.skip_session_storage = [:http_auth]
config.stretches = Rails.env.test? ? 1 : 12
config.reconfirmable = true
config.expire_all_remember_me_on_sign_out = true
config.reset_password_within = 6.hours
config.scoped_views = true
config.sign_out_via = :delete
end
devise_token_auth.rb
DeviseTokenAuth.setup do |config|
config.change_headers_on_each_request = false
config.token_lifespan = 2.weeks
config.token_cost = Rails.env.test? ? 4 : 10
config.headers_names = {:'access-token' => 'access-token',
:'client' => 'client',
:'expiry' => 'expiry',
:'uid' => 'uid',
:'token-type' => 'token-type' }
config.send_confirmation_email = true
config.default_confirm_success_url = 'https://example.com/login'
config.default_callbacks = false
end
routes.rb
Rails.application.routes.draw do
scope :api do
mount_devise_token_auth_for 'User', at: 'users', controllers: {
registrations: 'users/registrations',
}
resources :users, only: [:show]
end
end
application_controller.rb
class ApplicationController < ActionController::API
include DeviseTokenAuth::Concerns::SetUserByToken
end
user.rb
class User < ApplicationRecord
# Include default devise modules. Others available are:
# :validatable, :lockable, :timeoutable, :rememberable, :trackable and :omniauthable
devise :database_authenticatable, :registerable, :recoverable, :trackable, :confirmable
include DeviseTokenAuth::Concerns::User
migration
class DeviseTokenAuthCreateUsers < ActiveRecord::Migration[6.0]
def change
create_table(:users) do |t|
## Required
t.string :provider, :null => false, :default => "email"
t.string :uid, :null => false, :default => ""
## Database authenticatable
t.string :encrypted_password, :null => false, :default => ""
## Recoverable
t.string :reset_password_token
t.datetime :reset_password_sent_at
t.boolean :allow_password_change, :default => false
## Rememberable
t.datetime :remember_created_at
## Trackable
t.integer :sign_in_count, default: 0, null: false
t.datetime :current_sign_in_at
t.datetime :last_sign_in_at
t.string :current_sign_in_ip
t.string :last_sign_in_ip
## Confirmable
t.string :confirmation_token
t.datetime :confirmed_at
t.datetime :confirmation_sent_at
t.string :unconfirmed_email
## User Info
t.string :name
t.string :nickname
t.string :image
t.string :email
## Tokens
t.json :tokens
t.timestamps
end
add_index :users, :email, unique: true
add_index :users, [:uid, :provider], unique: true
add_index :users, :reset_password_token, unique: true
add_index :users, :confirmation_token, unique: true
end
end
I am new to rails+angular. For my app, I want to lock out user after 5 failed password attempts. I decided to follow this:
How to make Devise lockable with number of failed attempts
But when I try logging in after 5 failed attempts, it lets me through
I added the :locked module to my user.rb (shown below) file so that the locked feature appears in devise.rb
User.rb
class User < ActiveRecord::Base
include TokenAuthenticatable
TYPE = {
:admin => 1,
:member => 2
}
devise :database_authenticatable, :registerable, :recoverable,
:rememberable, :trackable, :validatable, :token_authenticatable,
:timeoutable, :lockable ##this was added
has_and_belongs_to_many :clients
end
In my migrations then, I un-commented out the lockable part of it :
class DeviseCreateUsers < ActiveRecord::Migration
def change
create_table(:users) do |t|
t.string :first_name
t.string :last_name
t.string :type
## Database authenticatable
t.string :email, :null => false, :default => ""
t.string :encrypted_password, :null => false, :default => ""
## Recoverable
t.string :reset_password_token
t.datetime :reset_password_sent_at
## Rememberable
t.datetime :remember_created_at
## Trackable
t.integer :sign_in_count, :default => 0
t.datetime :current_sign_in_at
t.datetime :last_sign_in_at
t.string :current_sign_in_ip
t.string :last_sign_in_ip
## Confirmable
# t.string :confirmation_token
# t.datetime :confirmed_at
# t.datetime :confirmation_sent_at
# t.string :unconfirmed_email # Only if using reconfirmable
## Lockable
t.integer :failed_attempts, :default => 0 # Only if lock strategy is :failed_attempts
t.string :unlock_token # Only if unlock strategy is :email or :both
t.datetime :locked_at
## Token authenticatable
# t.string :authentication_token
t.timestamps
end
add_index :users, :email, :unique => true
add_index :users, :reset_password_token, :unique => true
# add_index :users, :confirmation_token, :unique => true
# add_index :users, :unlock_token, :unique => true
# add_index :users, :authentication_token, :unique => true
end
end
To troubleshoot this, I also tried adding :locked, :failed_attempts => 5and uncommented out all the lockable features in initializer/devise. I am unsure on how to proceed - help would be appreciated.
I am really new to rails and have been trying to work on building an application. I recently have installed devise and omniauth for facebook with great success after some time. When I was reading into devise, I noticed that Devise has a "forgot password" module built into it.
I have scoured the internet and for the life of me haven't figured out how to set it up. Is there any guide?I have been working for hours, but I haven't really had any results. How do I set this up? I am using rails 4.0 and the newest version of devise.
Thanks,
Routes
Omrails::Application.routes.draw do
resources :boards
resources :pins
get 'about' => "pages#about"
root :to => 'pins#index'
resources :tests, :birthdays
devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" }
end
Devise Migration:
class DeviseCreateUsers < ActiveRecord::Migration
def change
create_table(:users) do |t|
## Database authenticatable
t.string :email, :null => false, :default => ""
t.string :encrypted_password, :null => false, :default => ""
## Recoverable
t.string :reset_password_token
t.datetime :reset_password_sent_at
## Rememberable
t.datetime :remember_created_at
## Trackable
t.integer :sign_in_count, :default => 0, :null => false
t.datetime :current_sign_in_at
t.datetime :last_sign_in_at
t.string :current_sign_in_ip
t.string :last_sign_in_ip
## Confirmable
# t.string :confirmation_token
# t.datetime :confirmed_at
# t.datetime :confirmation_sent_at
# t.string :unconfirmed_email # Only if using reconfirmable
## Lockable
# t.integer :failed_attempts, :default => 0, :null => false # Only if lock strategy is :failed_attempts
# t.string :unlock_token # Only if unlock strategy is :email or :both
# t.datetime :locked_at
t.timestamps
end
add_index :users, :email, :unique => true
add_index :users, :reset_password_token, :unique => true
# add_index :users, :confirmation_token, :unique => true
# add_index :users, :unlock_token, :unique => true
end
end
User.rb
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :token_authenticatable, :confirmable,
# :lockable, :timeoutable and :omniauthable
devise :database_authenticatable,
:registerable,
:rememberable,
:trackable,
:recoverable,
:validatable,
:omniauthable,
:omniauth_providers => [:facebook]
# Setup accessible (or protected) attributes for your model
attr_accessible :email, :password, :password_confirmation, :remember_me, :name, :birthday, :sex, :address, :mobile, :provider, :uid
has_many :pins, :dependent => :destroy
has_many :boards, :dependent => :destroy
def self.find_for_facebook_oauth(auth, signed_in_resource=nil)
user = User.where(:provider => auth.provider, :uid => auth.uid).first
unless user
user = User.create(name:auth.extra.raw_info.name,
provider:auth.provider,
uid:auth.uid,
email:auth.info.email,
password:Devise.friendly_token[0,20])
end
user
end
end
Devise consists of 10 modules and the one you're looking for is recoverable. In your devise model, you need to add :recoverable attribute for devise.