I'm searching for a Gem that will create a private and public key from a given string, that can then be stored in a database. Can anyone recommend such a Gem?
Devise allows this for a token via token_authenticable, I have not found a gem that does this however, so my models usually looks like:
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :token_authenticatable, :confirmable
before_save :ensure_authentication_token
before_save :create_secret_token
# Setup accessible (or protected) attributes for your model
attr_accessible :email, :password, :password_confirmation, :remember_me
private
def create_secret_token
self.secret_token = ActiveSupport::SecureRandom.base64(20).tr('+/=', '-_ ').strip.delete("\n") unless self.secret_token
end
end
The secret_token generator line ensures that the +/= characters are replaced and then whitespace is removed. "+/=" characters can be difficult to deal with when using RESTful APIs:
ActiveSupport::SecureRandom.base64(20).tr('+/=', '-_ ').strip.delete("\n")
Related
So currently validatable validates the presence of email and password. It can also validate an emails format. However, my user model requires more than just an email and password. I am also requiring a first, last and user name. So in order for me to validate the presence of these attributes I have to use rails validates as shown:
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
validates :first_name, presence: true
validates :last_name, presence: true
validates :user_name, presence: true
end
I was wondering if there was a way to add first, last and user name to the validatable action. I have checked the devise.rb file and found the validatable config for a password_length and email_regexp but don't quite know how I can add additional attributes to the validatable function. Obviously this isn't a huge deal, but would be nice for cleaning up code in my User's model. Thank you for any responses to my questions.
While you could potentially monkeypatch Devise::Models::Validatable at runtime it would be rather foolish. Its going to take 5 times more code and potentially break upgrades.
The whole point of the module is to provide models with the basic validations needed for Devise to work out of the box.
What you are adding are validations which are specific to your application. As such it belongs in your application - don't try to stuff it back into the library.
Instead can clean up your model by:
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
validates_presence_of :first_name, :last_name, :user_name
end
I'm trying to recover a user's password with devise, but it generates the following error
undefined method `reset_password_sent_at=' for #<User:0x007fb78cfafb68>
Can anyone help me with this, since I'm new to Ruby on Rails?
What is the best way to recover a password and email the user using Devise? Thank you very much...
I'm use devise (2.2.3)
User.rb
require 'digest/md5'
class User < ActiveRecord::Base
# Setup accessible (or protected) attributes for your model
belongs_to :shop
before_create :compute_email_md5
# Include default devise modules. Others available are:
# :token_authenticatable, :confirmable,
# :lockable, :timeoutable and :omniauthable
devise :database_authenticatable,
:recoverable,
:rememberable,
:trackable,
:validatable,
:token_authenticatable
# Setup accessible (or protected) attributes for your model
attr_accessible :email,
:email_md5,
:password,
:password_confirmation,
:shop_id,
:role,
:terms,
:name,
:notify_on_order_received
validates :terms, :acceptance => true, :on => :create
end
THE SOLUTION IS
add reset_password_sent_at column to user table
As you've discovered, passord recovery requires that the model have a reset_password_sent_at column. Adding it via migration should solve this problem.
As for the reason this is happening, I'm guessing you added password recovery (the :recoverable module) after initially generating your Devise-enabled model (User). That's why Devise's generator didn't create that column for you.
I am using Devise for user registration and authentication but want to have user profiles too, for example /user/john-doe with all the fields like Company Name, Phone Number etc which the person can add.
Is there any Rails way to get it done out of the box? any gem for this? if not, can someone give me some direction on how to do it?
There is no gem to add company name, phone etc (at least I know :)), but normally what I do is,
I add the above columns to table, via a migration
Ex: add_column :users, :company_name, :string
then I update the model accordingly
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :token_authenticatable, :confirmable,
# :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
# Setup accessible (or protected) attributes for your model
attr_accessible :email, :password, :password_confirmation, :remember_me, *:company_name*
end
then I run this command to copy the devise views
rails generate devise:views
then I update the corresponding view with new text_boxes etc..
HTH
I have user model with use of devise gem, I dont have attr_accessible for any fields still I get the error:
Can't mass-assign protected attributes
My User class as below
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable,
:token_authenticatable #, :validatable
end
I also have the same problem, maybe devise does something with attr_accessible. You need to set up attr_accessible in your model to make it work.
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :token_authenticatable #, :validatable`
# Setup accessible (or protected) attributes for your model
attr_accessible :first_name, :last_name, :email, :password, :password_confirmation
end
You can checkout these railscasts episodes.
http://railscasts.com/episodes/209-introducing-devise
http://railscasts.com/episodes/210-customizing-devise
If I have put the attr_protected instead of the attr_accessible then it works for me.
FYI, I am using Rails 3.2.3 with Ruby 1.9.3
Since Rails 3.2.3, config.active_record.whitelist_attributes in config/application.rb is true by default. You must manually set attr_accessible for attributes that needs to be mass-assignable (or you can set whitelist_attributes to false to disable this behavior).
I set only attr_accessible :name, :password, :password_confirmation and it is working,
without set config.active_record.whitelist_attributes = false in config\application.rb
Only check for correct names of vars from _form.html.erb in the attr_accessible.
I have a user model as follows:
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable, :invitable,
:recoverable, :rememberable, :trackable, :validatable,
:token_authenticatable, :omniauthable
validates_presence_of :nickname, :unless => :skip_nickname_requirement
end
I have a number of user records in the database with a nil nickname - those individuals were imported from another system and I don't actually have their nickname. Those users are invited to set their passwords via the lost passwords link like http://example.com/users/password/edit?reset_password_token=iAYeQRwWrt8geC8eEXR4, and then when they log in, add their personal details such as nickname, etc.
The problem is that when you go to that reset password you're prompted to enter your password (and again for confirmation). When you submit, validation fails because the nickname is nil.
How do I disable the nickname validation when reseting your password? I don't want to add the nickname textfield on the password reset form.
Thanks in advance for your thoughts!
I don't know if simple validates_presence_of :nickname, allow_blank: true would solve your problem, because you may want it to be blank only for those imported users. Therefore, other way would be to use custom validations.
# app/models/user.rb
class NicknameValidator < ActiveModel::EachValidator
def validate_each(record, attribute, value)
record.errors[attribute] << "validation failed" unless :skip_nickname_requirement?(value)
end
private
def skip_nickname_requirement?(values)
# imported_from_legacy_system? would need to be implemented
value.present? || self.imported_from_legacy_system?
end
end
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable, :invitable,
:recoverable, :rememberable, :trackable, :validatable,
:token_authenticatable, :omniauthable
validates :nickname, :nickname => true
end