Custom user fields in Devise 3 under Rails 4

Asked 31/5, 2013 at 7:50 Answered 18/10, 2013 at 13:7

Solved ruby-on-rails devise ruby-on-rails-4 attr-accessible strong-parameters

I'm using the release candidate of Devise 3 so that I can use it with Rails 4. In Rails 3.2 I used to be able to add a custom field to my User model by simply adding that field to the registration/edit.html.erb and registration/new.html.erb files (after running the proper migration). Then I'd just add that field to the attr_accessible list of fields in the model.

However, in Rails 4, there is no attr_accessible list and I can't simply add fields in the views. How do I add custom User fields?

Applejack answered 31/5, 2013 at 7:50 Comment(0)

I was told to look in the main README on the github page and there it was. Easy.

class ApplicationController < ActionController::Base
  before_filter :configure_permitted_parameters, if: :devise_controller?

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_up) << :username
  end
end

Applejack answered 31/5, 2013 at 8:1 Comment(0)

Adding

     def configure_permitted_parameters
         devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:username, :email) }
         devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :password, :password_confirmation) }
         devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:username, :email, :password, :password_confirmation, :current_password) }
     end

To applicationcontroller worked for me.

Fraunhofer answered 23/7, 2013 at 21:47 Comment(1)

You might also need: before_action :configure_permitted_parameters, if: :devise_controller? – Rathbone 5/8, 2013 at 12:33

I was told to look in the main README on the github page and there it was. Easy.

class ApplicationController < ActionController::Base
  before_filter :configure_permitted_parameters, if: :devise_controller?

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_up) << :username
  end
end

Applejack answered 31/5, 2013 at 8:1 Comment(0)

In case you want to permit additional parameters you can do with a simple before filter in your

ApplicationController:

class ApplicationController < ActionController::Base
  before_filter :configure_permitted_parameters, if: :devise_controller?

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_up) << :username
  end
end

Drenthe answered 18/10, 2013 at 13:7 Comment(0)

You need to enable Strong Parameters for devise instead of attr_accessible for doing that you need to create new initializer like:

DeviseController.class_eval do
  def resource_params
    unless params[resource_name].blank?
      params.require(resource_name).permit(:email, :password, :password_confirmation, :remember_me)
    end
  end
end

Make sure that you cloned gem from rails4 branch(plataformatec/devise). Remove attr_accesible from model

Evelynneven answered 31/5, 2013 at 8:12 Comment(1)

for strong parameter configuration follow this guide github.com/rails/strong_parameters – Evelynneven 31/5, 2013 at 8:16

Recommended topics

Hot tags