Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Customizing Devise with Strong Parameters

Tags:

ruby-on-rails

ruby-on-rails-4

devise

strong-parameters

I'm using Rails 4.0.0 and Devise 3.0.2 and trying to configure Devise with Strong Parameters following this instruction within the Devise README.

I wrote code like this in the application_controller.rb

class ApplicationController < ActionController::Base
  before_filter :configure_permitted_parameters, if: :devise_controller?

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_up) << :nick
  end
end

Then I visited http://localhost:3000/users/sign_up. I got a NoMethodError in Devise::RegistrationsController#new, which says:

undefined method <<' for {}:ActionController::Parameters

and points to the exact line where I wrote devise_parameter_sanitizer.for(:sign_up) << :nick

Is there anything I did wrong? Thanks for your help.

like image 692
Jun Zhou Avatar asked Aug 17 '13 09:08

Jun Zhou

People also ask

Why do we have to use strong parameters in Rails?

Strong Parameters, aka Strong Params, are used in many Rails applications to increase the security of data sent through forms. Strong Params allow developers to specify in the controller which parameters are accepted and used.

What is Devise_parameter_sanitizer?

The devise_parameter_sanitizer. sanitize() method, defined in the Devise::ParameterSanitizer class, is used by devise in order to filter the allowed parameters, from its controllers, for a given action. It is very similar to the Rails strong parameters feature.

How does devise Current_user work?

current_user works by storing id of current user in the application session. Most commonly session is stored in cookies. Whether or not the cookies survive browser restart depends on client's browser settings.

What is devise gem in Ruby on Rails?

Devise is the cornerstone gem for Ruby on Rails authentication. With Devise, creating a User that can log in and out of your application is so simple because Devise takes care of all the controllers necessary for user creation ( users_controller ) and for user sessions ( users_sessions_controller ).

2 Answers

Try:

    class ApplicationController < ActionController::Base
      ...
      before_filter :configure_permitted_parameters, if: :devise_controller?   
      ...
      def configure_permitted_parameters
         devise_parameter_sanitizer.for(:sign_up) { |u| 
            u.permit(:email, :password, :password_confirmation, :nick) 
         }
      end

It works for me! :D

like image 177
Carlos André Oliveira Avatar answered Nov 07 '22 05:11

Carlos André Oliveira

As Jose Valim said, it's Devise 3.1.0.rc feature, that's why it doesn't work. You have to use other syntaxes that are in README.

like image 4
Rafał Cieślak Avatar answered Nov 07 '22 03:11

Rafał Cieślak
Sign in to Comment

Related questions

Rails: Is devise vulnerable to session hijacking?
Uninitialized constant AssetSync
Rails 3 respond_with custom template
Rails No route matches {:controller=>"devise/products"}
Self referential "twin" has_one association
Rails format validation -- alphanumeric, but not purely numeric
How do I use a rails link_to helper within a .map block such that the output is an actual link, and not the text representation of the HTML
How can I display 'Delete Confirm Dialog' with bootstrap's modal? not like browser's default
How change jquery version with rails asset pipeline
How do I configure Rails to send emails on 500 error?
Is there a way to run a command on all Heroku dynos?
Rails has_many :through sum attribute on "child objects" --> SQL Toughy
Rails: Show 5 most recent posts excluding the most recent post
Combining assets into a single file in Rails 4 development environment
Rails + Rake: How to simulate running of rake task to see if it works?
You cannot specify the same gem twice with different version requirements
Disabled HTTP methods on Heroku
How to Track Devise User Registration as Conversion in Google Analytics
Stubbing ActiveRecord associations
Could not load 'active_record/connection_adapters/sqlite3_adapter'

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!