Unpermitted Parameters adding new fields to Devise in rails 4.0
Very new to working with rails. I have implemented a basic login system using Devise. I am trying to add a couple of new fields (bio:string, name:string) into the sign_up pa
-
The problem seems with the strong parameters, look here and copy the code.
https://github.com/plataformatec/devise/blob/rails4/app/controllers/devise/registrations_controller.rb
Copy that file to the same location in your project
app/controllers/devise/registrations_controller.rband change the code of the create action
# POST /resource def create # THIS LINE IS THE ONE YOU CHANGE self.resource = build_resource(sign_up_params.merge(:bio, :name)) if resource.save if resource.active_for_authentication? set_flash_message :notice, :signed_up if is_navigational_format? sign_up(resource_name, resource) respond_with resource, :location => after_sign_up_path_for(resource) else set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_navigational_format? expire_session_data_after_sign_in! respond_with resource, :location => after_inactive_sign_up_path_for(resource) end else clean_up_passwords resource respond_with resource end endI must tell you that Iam not pretty sure if this works because I don't use devise but seeing the code it seems it will work.
讨论(0) -
For both sign_up and account_update do this for
controllers/applcation_controller.rbclass ApplicationController < ActionController::Base protect_from_forgery with: :exception before_action :authenticate_user! before_action :configure_permitted_parameters, if: :devise_controller? protected def configure_permitted_parameters devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:password, :password_confirmation,:current_password,:email,:name, :phonenumber,:province,:city,:area,:idcardimg,:role) } devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:password, :password_confirmation,:current_password,:email,:name, :phonenumber,:province,:city,:area,:idcardimg,:role) } end end讨论(0) -
Here's another straight forward way that works in my rails 4.2.1 app:
Create the following file
/config/initializers/devise_permitted_parameters.rband the code..
module DevisePermittedParameters extend ActiveSupport::Concern included do before_filter :configure_permitted_parameters end protected def configure_permitted_parameters devise_parameter_sanitizer.for(:sign_up) << :name devise_parameter_sanitizer.for(:account_update) << :name devise_parameter_sanitizer.for(:sign_up) << :bio devise_parameter_sanitizer.for(:account_update) << :bio end end DeviseController.send :include, DevisePermittedParameters讨论(0) -
I was having trouble with this too. The documentation on devise's site helped as well as some forums. Here's what I ended up doing:
In custom RegistrationsController (app/controllers/users/registrations_controller.rb)
# app/controllers/users/registrations_controller.rb class Users::RegistrationsController < Devise::RegistrationsController before_filter :update_sanitized_params, if: :devise_controller? def update_sanitized_params devise_parameter_sanitizer.for(:sign_up) {|u| u.permit(:name, :email, :password, :password_confirmation)} end endThen in your route file (config/routes.rb) us this for your devise_for statement:
devise_for :users, controllers: {registrations: "users/registrations"}讨论(0) -
Make sure you are using Devise 3.0.0 at least. Add to your application controller:
before_filter :update_sanitized_params, if: :devise_controller? def update_sanitized_params devise_parameter_sanitizer.for(:sign_up) {|u| u.permit(:bio, :name)} endDocumentation: https://github.com/plataformatec/devise#strong-parameters
讨论(0) -
Devise prepared everything for that :
In the users controller you have
private # Never trust parameters from the scary internet, only allow the white list through. def user_params params.require(:user).permit(:full_name <add your parameter>) end讨论(0)
加载中...
- 热议问题