Strong parameters with Rails and Devise
I am using the rails 4.0 branch of devise along with ruby 2.0.0p0 and Rails 4.0.0.beta1.
This is the kind of question where I am checking if I\'m doing it the right
-
It works very nice with adding an module in
config/initializerswith allparameterslike thismodule DevisePermittedParameters extend ActiveSupport::Concern included do before_filter :configure_permitted_parameters end protected def configure_permitted_parameters devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:first_name, :last_name, :email, :password, :password_confirmation) } end end DeviseController.send :include, DevisePermittedParameters讨论(0) -
Thanks for the latest updates on Rails4 branch of Devise, it doesn't really need to insert 'resource_params'.
I've created a brand new Rails4 app and followed basic Devise installation steps and my app works properly, so I think, you've done well.
But there is a modified gist which gives you some extra details in terms of permitted parameters if you need:
Source: https://gist.github.com/bluemont/e304e65e7e15d77d3cb9
# controllers/users/registrations_controller.rb class Users::RegistrationsController < Devise::RegistrationsController before_filter :configure_permitted_parameters protected # my custom fields are :name, :heard_how def configure_permitted_parameters devise_parameter_sanitizer.for(:sign_up) do |u| u.permit(:name, :heard_how, :email, :password, :password_confirmation) end devise_parameter_sanitizer.for(:account_update) do |u| u.permit(:name, :email, :password, :password_confirmation, :current_password) end end end讨论(0) -
For Rails 5, Devise 4 Use this:
class ApplicationController < ActionController::Base before_action :configure_permitted_parameters, if: :devise_controller? protected def configure_permitted_parameters devise_parameter_sanitizer.permit(:sign_up, keys: [:first_name, :last_name, :email, :password, :password_confirmation]) end endReference
讨论(0)
加载中...
- 热议问题