发表新帖
发表新帖

Adding custom parameters to devise registration - unpermitted parameters

前端 未结
关注
4 1115
谎友^
谎友^ 2020-12-05 19:38

I\'ve been trying to customize the devise register method to register with more parameters and also update more(no luck so far), but I always get Unpermitted parameter

相关标签:
4条回答
  • 無奈伤痛
    2020-12-05 19:46

    The accepted answer says the config should go in your applicationController but it can simply go in your user registration controller and you can specify that you only want to run it for create method and nothing else: 

    
class Users::RegistrationsController < Devise::RegistrationsController
  before_action :configure_sign_up_params, only: [:create]

  protected

  def configure_sign_up_params
    devise_parameter_sanitizer.permit(:sign_up, keys: [:enter_param_name_here])
  end
end
    0 讨论(0)
  • 失恋的感觉
    2020-12-05 19:47

    In my case this worked:

    class ApplicationController < ActionController::Base
    before_action :configure_permitted_parameters, if: :devise_controller?

    protected

    def configure_permitted_parameters
        devise_parameter_sanitizer.permit(:account_update) { |u| u.permit(:name, :last_name, :image,:email, :password, :password_confirmation, :current_password) }
    end
end
    0 讨论(0)
  • 渐次进展
    2020-12-05 19:54

    Looks like you just need to tell devise which parameters should be permitted. By default, devise permits the email (or username depending on configuration), password and password_confirmation params. You just need to add more.

    The devise documentation suggests a "lazy way" of setting this up.

    class ApplicationController < ActionController::Base
  before_action :configure_permitted_parameters, if: :devise_controller?

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.permit(:sign_up, keys: [:display_name])
  end
end

    The documentation then says that

    If you have nested attributes (say you're using accepts_nested_attributes_for), then you will need to tell devise about those nestings and types.

    Only if you need to override the registrations#create action you should provide your custom route for devise. In that case, make sure you override the sign_up_params method too.

    class Users::RegistrationsController < Devise::RegistrationsController
  def create
    # Your custom code here. Make sure you copy devise's functionality
  end

  private

  # Notice the name of the method
  def sign_up_params
    params.require(:user).permit(:display_name, :email, :password, :password_confirmation)
  end
end

    In essence, you'd have to look into how your sign up form is posting the parameters to figure out how to configure strong parameters in the controller. Make sure you read on strong parameters syntax as well.

    Hope it helps!

    0 讨论(0)
  • 独厮守ぢ
    2020-12-05 20:12

    For Devise 4.2.0 you can whitelist additional parameters for your users table by adding those values to keys. By default devise gives you the comment to go off of now. Below I added :avatar

      # If you have extra params to permit, append them to the sanitizer.
  def configure_sign_up_params
    devise_parameter_sanitizer.permit(:sign_up, keys: [:attribute, :avatar])
  end
    0 讨论(0)
 看不清?
提交回复
热议问题