Develop Reference

forgot password using devise rails

I am using devise for user in my rails application
When i click on forgot password than it send mail to user for reset password instruction.
but when i click on that password reset link in mail it redirect to my custom user controller which i create for user edit profile...
how to call devise password edit method
below is my controller/users.
class UsersController < ApplicationController
def edit
#user = User.find(params[:id])
end
def update
#user = User.find(params[:id])
if #user.update_attributes(user_params)
flash[:notice] = "Profile successfully updated"
redirect_to authenticated_root_path
else
render 'edit'
end
end
def change_password
#user = User.find(current_user.id)
end
private
def user_params
params.require(:user).permit(:email, :first_name, :last_name,
:dob, :address, :zip_code, :about_me, :country_id, :state_id,
:city_id, :phone_no, :status, :profile_pic, :gender,
:password, :password_confirmation)
end
end

Use this path for password reset for devise:
edit_user_registration_path

ActiveModel::ForbiddenAttributesError Ruby On Rails

I created a project in Ruby On rails and I have controller user like this:
class UsersController < ApplicationController
before_action :set_user, only: [:edit, :update]
def new
#user = User.new
end
def create
#user = User.new(params[:user])
if #user.save
redirect_to root_url, :notice => "Signed up!"
else
render "new"
end
end
private
def user_params
params.require(:user).permit(:email, :password, :password_confirmation)
end
end
And model user like this:
class User < ActiveRecord::Base
#attr_accessible :email, :password, :password_confirmation
attr_accessor :password
before_save :encrypt_password
def self.authenticate(email, password)
user = find_by_email(email)
if user && user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt)
user
else
nil
end
end
def encrypt_password
if password.present?
self.password_salt = BCrypt::Engine.generate_salt
self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
end
end
end
And when I try to create new user i get Error: ActiveModel::ForbiddenAttributesError
Parameters:
{"utf8"=>"✓",
"authenticity_token"=>"74Mhbpn9FF/tY/cgfuVmX7ribN4rOkkdUjSgbLNsces=",
"user"=>{"email"=>"henio180#interia.pl",
"password"=>"[FILTERED]",
"password_confirmation"=>"[FILTERED]"},
"button"=>""}
I am using Ruby on Rails 4.0.3.

In your create method change:
#user = User.new(params[:user])
to
#user = User.new(user_params)
Although you created the method correctly to set up strong parameters, you are not actually using it. There is good detail about using strong parameters in the Rails guide: http://guides.rubyonrails.org/action_controller_overview.html#strong-parameters

Unknown attribute rails 4

im new into Rails 4 development and rails in general. I red official "getting started with rails" guide where it is shown how to create blog. So I want to do my own from 0 registration, auth system.
While creating new user I get this error. I do not understand what I am doing wrong. Any advice?
Git repo:
https://github.com/pumpurs/auth
ActiveRecord::UnknownAttributeError in UsersController#create
unknown attribute: password
class UsersController < ApplicationController
def new
#user = User.new
end
def create
#user = User.new(params[:user].permit(:password, :email, :password_confirmation))
end
private
def user_params
params.require(:user).permit(:password, :email, :password_confirmation)
end
end
Model file:
class User < ActiveRecord::Base
before_save :encrypt_password
validates_confirmation_of :password
validates_presence_of :password, :on => :create
validates_presence_of :email
validates_uniqueness_of :email
def enrypt_password
if password.present?
self.password_salt = BCript::Engine.generate_salt
self.password_hash = BCript::Engine.generate.hash_seret(password, password_salt)
end
end
end

You need to add attr_accessor :password to your User model, to provide a non-db-backed attribute to use to base your db-backed password_hash attribute off of.

Passing email address from params to a model method in Rails 3.2.11

In the following code I get "wrong number of arguments (0 for 2)" for the following line
user = User.authenticate(params[:email], params[:password])
if params[:email] contains # character. Without the # character everything works fine, I don't have a single idea how to solve it.
I tried to give an email as string like user = User.authenticate("test#test.com", params[:password]) and I don't get the error.
Could anyone help with it?
My code:
Controller:
class SessionsController < ApplicationController
def new
end
def create
user = User.authenticate(params[:email], params[:password])
if user
session[:user_id] = user.id
redirect_to root_url, :notice => "Logged in!"
else
flash.now.alert = "Invalid email or password"
render "new"
end
end
end
Model:
class User < ActiveRecord::Base
attr_accessor :password
before_save :encrypt_password
validates_confirmation_of :password
validates_presence_of :password, :on => :create
validates_presence_of :email
validates_uniqueness_of :email
def encrypt_password
if password.present?
self.password_salt = BCrypt::Engine.generate_salt
self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
end
end
def self.authenticate(email, password)
user = find_by_email(email)
if user && user.password_hash == BCrypt::Engine.hash_secret ↵
(password, user.password_salt)
user
else
nil
end
end
end

Try:
User.authenticate(params[:email].to_s, params[:password])
This is because your email type is string and you are passing it a hash in the method.

User.authenticate method returning nil in Rails 3?

The User.authenticate method is returning nil even though the user exists in the database with the correct email and password. This happens when calling the authenticate method from the Create action in the Sessions controller or from the Rails Console (irb).
Any help with this problem will be greatly appreciated.
class SessionsController < ApplicationController
def new
end
def create
user = User.authenticate(params[:session][:email],
params[:session][:password])
if user.nil?
flash.now[:error] = "Invalid email/password combination"
render 'new'
else
sign_in user
redirect_to user
end
end
def destroy
sign_out
render 'pages/options'
end
end
Here is my User model:
class User < ActiveRecord::Base
attr_accessor :password
attr_accessible :first_name, :last_name, :email, :password, :password_confirmation,
:account_type, :email_confirmed, :weight
validates :password, :presence => true,
:confirmation => true,
:length => { :within => 6..40 }
before_save :encrypt_password
def has_password?(submitted_password)
encrypted_password == encrypt(submitted_password)
end
def self.authenticate(email, submitted_password)
user = find_by_email(email)
return nil if user.nil?
return user if user.has_password?(submitted_password)
end
def self.authenticate_with_salt(id, cookie_salt)
user = find_by_id(id)
(user && user.salt == cookie_salt) ? user : nil
end
private #################################################
def encrypt_password
self.salt = make_salt if new_record?
self.encrypted_password = encrypt(password)
end
def encrypt(string)
secure_hash("#{salt}--#{string}")
end
def make_salt
secure_hash("#{Time.now.utc}--#{password}")
end
def secure_hash(string)
Digest::SHA2.hexdigest(string)
end
def generate_email_conf_code
email_conf_code = secure_hash("#{Time.now.utc}")
self.email_conf_code = email_conf_code
end
end

Try to check your server log. You can also monitor them directly on the terminal. Look for the session email received on the server. It looks something like this on Rails 3.1.1
Parameters: {"session"=>{"email"=>"xxx#yyy.com", "password"=>"[FILTERED]"}}
See that you're getting the email correctly. If not, I guess you know what to do.

does your database store a password_digest or encrypted_password column? Older tutorials by michael hartl used password_digest, now they seem they are encrypted_password.