Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
StrongParameters with Devise
# app/controllers/users/password_controller.rb
class Users::PasswordsController < Devise::PasswordsController
def resource_params
params.require(:user).permit(:email, :password, :password_confirmation)
private :resource_params
# app/controllers/users/registrations_controller.rb
class Users::RegistrationsController < Devise::RegistrationsController
def resource_params
params.require(:user).permit(:name, :email, :password, :password_confirmation)
private :resource_params
# config/routes.rb
devise_for :users, :controllers => {:registrations => "users/registrations", :passwords => "users/passwords"}

Thank you!

he9lin commented Sep 13, 2012

I had to add reset_password_token as one of the arguments

ethier commented Mar 17, 2013

Thanks for this.

dannyko commented Mar 20, 2013

the comment "# app/controllers/users/password_controller.rb" should read


earnold commented Mar 23, 2013

Thank you for this! 👍

I did some changes to handle multiple resources (eg: User and Admin):


ghost commented Apr 22, 2013

The rails4 branch of Devise has some recent changes that are important for this discussion. See: plataformatec/devise@3ed0dc5 Or just view the README:

I made a Gist showing the code I use:

istana commented May 3, 2013

thanks for the update


deneuxa commented May 20, 2013

Thanks ! :)

albrow commented May 23, 2013

Checkout @sferik's fork if you are using recoverable or want to let users change their password...
better version

You need to add a few more params to the list or else you will get errors. Saved me some trouble.

mastfish commented Jun 4, 2013

I've made a gist based on the lazy suggestion for devise that handles multiple models at .

It saves having to create custom controllers.

Thanks )

abkreno commented Jul 30, 2015

Thanks 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment