public
Last active — forked from guilleiguaran/passwords_controller.rb

StrongParameters with Devise

  • Download Gist
passwords_controller.rb
Ruby
1 2 3 4 5 6 7 8
# app/controllers/users/password_controller.rb
 
class Users::PasswordsController < Devise::PasswordsController
def resource_params
params.require(:user).permit(:email, :password, :password_confirmation)
end
private :resource_params
end
registrations_controller.rb
Ruby
1 2 3 4 5 6 7 8
# app/controllers/users/registrations_controller.rb
 
class Users::RegistrationsController < Devise::RegistrationsController
def resource_params
params.require(:user).permit(:name, :email, :password, :password_confirmation)
end
private :resource_params
end
routes.rb
Ruby
1 2 3
# config/routes.rb
 
devise_for :users, :controllers => {:registrations => "users/registrations", :passwords => "users/passwords"}

I had to add reset_password_token as one of the arguments

Thanks for this.

the comment "# app/controllers/users/password_controller.rb" should read

app/controllers/users/passwords_controller.rb

Thank you for this! :+1:

I did some changes to handle multiple resources (eg: User and Admin): https://gist.github.com/apeacox/5245821

The rails4 branch of Devise has some recent changes that are important for this discussion. See: https://github.com/plataformatec/devise/commit/3ed0dc5d9fd56e60a46b9bea0de834d5901638fa Or just view the README: https://github.com/plataformatec/devise/tree/rails4#strong-parameters

I made a Gist showing the code I use: https://gist.github.com/bluemont/e304e65e7e15d77d3cb9

thanks for the update

Checkout @sferik's fork if you are using recoverable or want to let users change their password...
better version

You need to add a few more params to the list or else you will get errors. Saved me some trouble.

I've made a gist based on the lazy suggestion for devise that handles multiple models at https://gist.github.com/mastfish/5702796 .

It saves having to create custom controllers.

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.