Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Rails 3 - Devise : How to skip the 'current_password' when editing a registration?

Tags:

ruby-on-rails

ruby-on-rails-3

devise

omniauth

I've implemented omniauth with my devise model, so I can authenticate using other services. Password is not necessary anymore for my model, as users can authenticate using twitter, facebook...

Everything is working fine, but, when an user try to edit its registration, devise skip the process because the user did not inform the 'current_password' (which doesnt exist in some cases now).

I created a registration controller to overwrite the devises one:

class RegistrationsController < Devise::RegistrationsController
  def update
    super
  end
end

But I haven't find any documentation about how to skip the password verification, how could I do it in my update action?

like image 372
Tiago Avatar asked Nov 04 '10 20:11

Tiago

4 Answers

Similar to above, try putting this in your user model:

# bypasses Devise's requirement to re-enter current password to edit
def update_with_password(params={}) 
  if params[:password].blank? 
    params.delete(:password) 
    params.delete(:password_confirmation) if params[:password_confirmation].blank? 
  end 
  update_attributes(params) 
end
like image 116
rxb Avatar answered Oct 21 '22 16:10

rxb

The following worked for me:

In my users controller, in the update action, I have

params[:user].delete(:password) if params[:user][:password].blank?
params[:user].delete(:password_confirmation) if params[:user][:password_confirmation].blank?

Perhaps you could adapt that to a before_save callback?

like image 32
David Sulc Avatar answered Oct 21 '22 16:10

David Sulc

Even the answer has been here for a while I want to post a new one, as I think the selected answer has a little flaws. Maybe it didn't have at the moment the answer was created, but now in 2013, the answer would be like this:

The solution would be to create in User model like this:

  # bypass re-entering current password for edit
  def update_with_password(params={}) 
    current_password = params.delete(:current_password)

    if params[:password].blank? 
      params.delete(:password) 
      params.delete(:password_confirmation) if params[:password_confirmation].blank? 
    end 
    update_attributes(params) 

    clean_up_passwords
  end
like image 1
Aleks Avatar answered Oct 21 '22 17:10

Aleks

there is an easier answer, i do not know when devise first had this method but by just adding

Model.update_without_password(params)

it will update attributes without requiring current password.

like image 1
Petros Kyriakou Avatar answered Oct 21 '22 17:10

Petros Kyriakou
Sign in to Comment

Related questions

N+1 problem in mongoid
Rails what is the difference between content_for and yield?
Pattern matching in rails ( "where column LIKE '%foo%") with Postgres
Rake is aborting because undefined method `inet' for sqlite db
Bootstrap shown.bs.tab event not working
Recommended twitter gem for ruby-on-rails
Override ActionMailer's mail to address in development environment
Gem to track User Activity [closed]
How to include ActionView helpers in the assets pipeline?
Saving custom fields in devise User model in rails 4
gem install nokogiri -v '1.5.11' failed due to make: /usr/local/bin/gmkdir: No such file or directory
Rails - Easy way to display all fields in view
Rails Observers - When to and when not to use observers in Rails
Ruby on Rails: Use slug instead of id on resource routes
missing attribute in activerecord
Error stating that "bcrypt-ruby is not part of the bundle", how can I add bcrypt-ruby to Gemfile?
GMaps4Rails and Turbolinks not loading without full page refresh
Get plural version of Rails model name
Rails: Webpacker::Manifest::MissingEntryError in Home#index
Rails: Installing font-awesome in Rails 6.0.0-rc1 with webpacker and yarn

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!