Devise: Sign-in fails, how to debug?

Question

I have a simple app with a User model and an authentication system built from scratch. I am now trying to use Devise instead, and it does not work and, as a newbie in web development, there is something I don't grasp and I don't know how to debug this.

My problem is: Devise is installed and works, except that sign-in always return "invalid email or password" even if both fields are correct.

I have developed an empty app, added Devise, and I don't have this problem. The problem thus probably comes because I try to add Devise to an existing User model.

I have read the doc and the Devise wiki, which has a topic on this subject: here. says to remove :database_authenticatable from the migration fields, because the User model has already a email field, and replace it with t.encrypted_password, which I did in the migration.

Now, in my user model, I left :database_authenticatable in the attr_accessible. If I remove it, I have a lot of error messages that session_path is not recognized, etc ... but it has not been migrated ? Also, :encrypted_password does not appear anywhere in my model, is this normal ?...

I know it is really a newbie question, I'm a bit lost and don't know if I should rewrite my app from the start or if there's an easy fix...I don't know how to debug also, all I see in the logs is that "unauthorized" appears when user should be signing in successfully, and also that "authentication_token" is not the same when trying to sign_in that the one generated once signed up

so, I'm lost, if it seems obvious to you, I'd be glad to hear any advice ...

I add below the routes.rb, User.rb, schema.rb and migration file

routes.rb:

TapaG::Application.routes.draw do

  devise_for :users

  get "pages/home"

  resources :users
  resources :belongings

  devise_scope :user do
    get "sign_in", :to => "devise/sessions#new"
    get "sign_out", :to => "devise/sessions#destroy"
    get "sign_up", :to => "devise/registrations#new"
  end

  get "pages/more_details"
  get "pages/infos_pratiques"
  get "pages/contact_us"

  #match 'Profil', :to => 'users#Profil'
  match "more_details", :to => "pages#more_details"
  match 'contact_us', :to => 'pages#contact_us'
  match "infos_pratiques", :to => "pages#infos_pratiques"
  match '/belongings/new', :to => 'belongings#new'
  root :to => 'pages#home'

migration:

class AddDeviseToUsers < ActiveRecord::Migration
  def self.up
    change_table(:users) do |t|
      t.recoverable
      t.rememberable
      t.trackable
      t.encrypted_password :null => false, :default => '', :limit => 128

      # t.encryptable
      # t.confirmable
      # t.lockable :lock_strategy => :failed_attempts, :unlock_strategy => :both
      # t.token_authenticatable


      # Uncomment below if timestamps were not included in your original model.
      # t.timestamps
    end

    add_index :users, :email,                :unique => true
    add_index :users, :reset_password_token, :unique => true
    # add_index :users, :confirmation_token,   :unique => true
    # add_index :users, :unlock_token,         :unique => true
    # add_index :users, :authentication_token, :unique => true
  end

  def self.down
    # By default, we don't want to make any assumption about how to roll back a migration when your
    # model already existed. Please edit below which fields you would like to remove in this migration.
    raise ActiveRecord::IrreversibleMigration
  end
end

User.rb:

class User < ActiveRecord::Base
  # Include default devise modules. Others available are:
  # :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable
  devise :registerable, #:database_authenticatable, 
         :recoverable, :rememberable, :trackable, :validatable

  # Setup accessible (or protected) attributes for your model
  attr_accessible :email, :password, :password_confirmation, :remember_me
  attr_accessor :password
  attr_accessible :name, :number_of_positive_reco, :confidence_percent, :avatar

schema.rb:

create_table "users", :force => true do |t|
    t.string   "name"
    t.string   "email"
    t.integer  "number_of_positive_reco"
    t.float    "confidence_percent"
    t.datetime "created_at"
    t.datetime "updated_at"
    t.string   "encrypted_password"
    t.string   "salt"
    t.string   "avatar_file_name"
    t.string   "avatar_content_type"
    t.integer  "avatar_file_size"
    t.datetime "avatar_updated_at"
    t.boolean  "admin",                   :default => false
    t.string   "reset_password_token"
    t.datetime "reset_password_sent_at"
    t.datetime "remember_created_at"
    t.integer  "sign_in_count",           :default => 0
    t.datetime "current_sign_in_at"
    t.datetime "last_sign_in_at"
    t.string   "current_sign_in_ip"
    t.string   "last_sign_in_ip"
  end

  add_index "users", ["email"], :name => "index_users_on_email", :unique => true
  add_index "users", ["reset_password_token"], :name => "index_users_on_reset_password_token", :unique => true

---

Answer 1

The answer is: Remove attr_accessor :password ... otherwise Devise cannot encrypt it!