Editing Users With Devise and Omniauth

Question

I\'m working through the Railscast on implementing Devise and OmniAuth (along with the Devise documentation) -- currently, I\'ve got a site going where visitors can sign up

Answer 1

I've added an update to the link below that includes my solution to the Devise/ OmniAuth change user profile/password issue and collected some helpful links:

stackoverflow - Allowing users to edit accounts without saving passwords in devise

Answer 2

I saw this used somewhere.

def update
    params[:user].delete(:current_password)
    params[:user].delete(:password)
    params[:user].delete(:password_confirmation)
    if current_user.update_without_password(params[:user])
      redirect_to somewhere_wicked_path, notice => "You rock"
    else
      render 'edit', :alert => 'you roll'
    end
end

use something like this in your update method in your controller. Pretty sure that method is in Devise too.

Answer 3

The easiest way is to overwrite the update_resource method in your RegistrationsController. This is advised by devise in their own implementation of the controller:

  # By default we want to require a password checks on update.
  # You can overwrite this method in your own RegistrationsController.
  def update_resource(resource, params)
    resource.update_with_password(params)
  end

So the solution is to overwrite this method in your own controller like this:

class Users::RegistrationsController < Devise::RegistrationsController

  # Overwrite update_resource to let users to update their user without giving their password
  def update_resource(resource, params)
    if current_user.provider == "facebook"
      params.delete("current_password")
      resource.update_without_password(params)
    else
      resource.update_with_password(params)
    end
  end

end