I have a simple app with a User model and an authentication system built from scratch. I am now trying to use Devise instead, and it does not work and, as a newbie in web development, there is something I don't grasp and I don't know how to debug this.
My problem is: Devise is installed and works, except that sign-in always return "invalid email or password" even if both fields are correct.
I have developed an empty app, added Devise, and I don't have this problem. The problem thus probably comes because I try to add Devise to an existing User model.
I have read the doc and the Devise wiki, which has a topic on this subject: here. says to remove :database_authenticatable from the migration fields, because the User model has already a email field, and replace it with t.encrypted_password, which I did in the migration.
Now, in my user model, I left :database_authenticatable in the attr_accessible. If I remove it, I have a lot of error messages that session_path is not recognized, etc ... but it has not been migrated ? Also, :encrypted_password does not appear anywhere in my model, is this normal ?...
I know it is really a newbie question, I'm a bit lost and don't know if I should rewrite my app from the start or if there's an easy fix...I don't know how to debug also, all I see in the logs is that "unauthorized" appears when user should be signing in successfully, and also that "authentication_token" is not the same when trying to sign_in that the one generated once signed up
so, I'm lost, if it seems obvious to you, I'd be glad to hear any advice ...
I add below the routes.rb, User.rb, schema.rb and migration file
routes.rb:
TapaG::Application.routes.draw do
devise_for :users
get "pages/home"
resources :users
resources :belongings
devise_scope :user do
get "sign_in", :to => "devise/sessions#new"
get "sign_out", :to => "devise/sessions#destroy"
get "sign_up", :to => "devise/registrations#new"
end
get "pages/more_details"
get "pages/infos_pratiques"
get "pages/contact_us"
#match 'Profil', :to => 'users#Profil'
match "more_details", :to => "pages#more_details"
match 'contact_us', :to => 'pages#contact_us'
match "infos_pratiques", :to => "pages#infos_pratiques"
match '/belongings/new', :to => 'belongings#new'
root :to => 'pages#home'
migration:
class AddDeviseToUsers < ActiveRecord::Migration
def self.up
change_table(:users) do |t|
t.recoverable
t.rememberable
t.trackable
t.encrypted_password :null => false, :default => '', :limit => 128
# t.encryptable
# t.confirmable
# t.lockable :lock_strategy => :failed_attempts, :unlock_strategy => :both
# t.token_authenticatable
# Uncomment below if timestamps were not included in your original model.
# t.timestamps
end
add_index :users, :email, :unique => true
add_index :users, :reset_password_token, :unique => true
# add_index :users, :confirmation_token, :unique => true
# add_index :users, :unlock_token, :unique => true
# add_index :users, :authentication_token, :unique => true
end
def self.down
# By default, we don't want to make any assumption about how to roll back a migration when your
# model already existed. Please edit below which fields you would like to remove in this migration.
raise ActiveRecord::IrreversibleMigration
end
end
User.rb:
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable
devise :registerable, #:database_authenticatable,
:recoverable, :rememberable, :trackable, :validatable
# Setup accessible (or protected) attributes for your model
attr_accessible :email, :password, :password_confirmation, :remember_me
attr_accessor :password
attr_accessible :name, :number_of_positive_reco, :confidence_percent, :avatar
schema.rb:
create_table "users", :force => true do |t|
t.string "name"
t.string "email"
t.integer "number_of_positive_reco"
t.float "confidence_percent"
t.datetime "created_at"
t.datetime "updated_at"
t.string "encrypted_password"
t.string "salt"
t.string "avatar_file_name"
t.string "avatar_content_type"
t.integer "avatar_file_size"
t.datetime "avatar_updated_at"
t.boolean "admin", :default => false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
t.integer "sign_in_count", :default => 0
t.datetime "current_sign_in_at"
t.datetime "last_sign_in_at"
t.string "current_sign_in_ip"
t.string "last_sign_in_ip"
end
add_index "users", ["email"], :name => "index_users_on_email", :unique => true
add_index "users", ["reset_password_token"], :name => "index_users_on_reset_password_token", :unique => true
The answer is: Remove attr_accessor :password ... otherwise Devise cannot encrypt it!
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With