发表新帖
发表新帖

Rails 3 - Devise : How to skip the 'current_password' when editing a registration?

前端 未结
关注
5 2005
无人共我
无人共我 2021-01-30 18:53

I\'ve implemented omniauth with my devise model, so I can authenticate using other services. Password is not necessary anymore for my model, as users can authenticate using twit

相关标签:
5条回答
  • 天涯浪人
    2021-01-30 19:20

    Even the answer has been here for a while I want to post a new one, as I think the selected answer has a little flaws. Maybe it didn't have at the moment the answer was created, but now in 2013, the answer would be like this:

    The solution would be to create in User model like this:

      # bypass re-entering current password for edit
  def update_with_password(params={}) 
    current_password = params.delete(:current_password)

    if params[:password].blank? 
      params.delete(:password) 
      params.delete(:password_confirmation) if params[:password_confirmation].blank? 
    end 
    update_attributes(params) 

    clean_up_passwords
  end
    0 讨论(0)
  • 旧时难觅i
    2021-01-30 19:20

    As of devise v4.6.2. It is very easy to do.

    As documentation said here:

    By default we want to require a password checks on update. You can overwrite this method in your own RegistrationsController.

    It means, in your controller override the method update_resource to replace update_with_password with update_without_password:

    class Users::RegistrationsController < Devise::RegistrationsController

  # ...

  protected

  def update_resource(resource, params)
    resource.update_without_password(params)
  end
end
    0 讨论(0)
  • 没有蜡笔的小新
    2021-01-30 19:37

    Similar to above, try putting this in your user model:

    # bypasses Devise's requirement to re-enter current password to edit
def update_with_password(params={}) 
  if params[:password].blank? 
    params.delete(:password) 
    params.delete(:password_confirmation) if params[:password_confirmation].blank? 
  end 
  update_attributes(params) 
end
    0 讨论(0)
  • 傲寒
    2021-01-30 19:37

    The following worked for me:

    In my users controller, in the update action, I have

    params[:user].delete(:password) if params[:user][:password].blank?
params[:user].delete(:password_confirmation) if params[:user][:password_confirmation].blank?

    Perhaps you could adapt that to a before_save callback?

    0 讨论(0)
  • 梦如初夏
    2021-01-30 19:40

    there is an easier answer, i do not know when devise first had this method but by just adding

    Model.update_without_password(params)

    it will update attributes without requiring current password.

    0 讨论(0)
 看不清?
提交回复
热议问题