# app/controllers/application_controller.rb
# Base controller: turns on CSRF protection for every request and, on Devise
# controllers only, declares which parameters Devise is allowed to accept.
class ApplicationController < ActionController::Base
  # A request that fails the CSRF check raises instead of being processed.
  # API-only endpoints may want :null_session instead.
  protect_from_forgery with: :exception

  # The extra permitted parameters are only needed on Devise's controllers.
  before_filter :configure_permitted_parameters, if: :devise_controller?

  protected

  # Declares the attributes accepted on the sign-up and sign-in forms.
  # Only the keys listed here pass the sanitizer, so role or privilege
  # attributes cannot be set through these forms; keep the lists minimal.
  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_up) do |account|
      account.permit(:username, :email, :password, :password_confirmation)
    end

    devise_parameter_sanitizer.for(:sign_in) do |account|
      account.permit(:username, :email, :password, :remember_me)
    end
  end
end
# app/models/user.rb
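# Application user: authenticated through Devise, with roles from rolify and
# abilities from Authority. Sign-in accepts either the username or the e-mail.
class User < ActiveRecord::Base
  rolify
  include Authority::UserAbilities

  # NOTE(review): foreign_key: :id matches posts.id against users.id rather
  # than a posts.user_id column, so a user would be tied to the post that
  # happens to share its id. Confirm against the schema before relying on
  # this association for ownership checks.
  has_many :posts, foreign_key: :id

  # Include default devise modules. Others available are:
  # :token_authenticatable, :confirmable,
  # :lockable, :timeoutable and :omniauthable
  #
  # NOTE(review): :lockable is not enabled, so Devise itself does not lock an
  # account after repeated failed sign-ins; confirm throttling exists elsewhere.
  devise :database_authenticatable, :registerable, :recoverable, :rememberable,
         :trackable, :validatable, authentication_keys: [:username]

  # Every saved user ends up with at least the :standard role.
  after_save { add_role(:standard) unless has_any_role? }

  # The sign-in lookup below compares lower(username), so uniqueness must be
  # case-insensitive too; otherwise "Alice" and "alice" could both register
  # and the lookup would return whichever row the database yields first.
  # The validation alone is racy; back it with a unique index on the
  # lower-cased username where the database supports one.
  validates_uniqueness_of :username, case_sensitive: false
  validates_presence_of :username
  validates_presence_of :email

  # Finds the record Devise should authenticate.
  #
  # @param warden_conditions [Hash] conditions supplied by Devise; the
  #   :username entry, when present, is treated as "username or e-mail".
  # @return [User, nil] the first matching user, or nil when none matches.
  #
  # NOTE(review): a username equal to another account's e-mail also matches
  # the OR below; consider a format validation that keeps "@" out of
  # usernames. The remaining conditions go to `where` as received; confirm
  # they have been through Devise's parameter filtering before this point.
  def self.find_first_by_auth_conditions(warden_conditions)
    conditions = warden_conditions.dup
    login = conditions.delete(:username)
    return where(conditions).first unless login

    # to_s keeps a non-String value (for example a nested request parameter)
    # from raising NoMethodError on downcase; the value is bound, not
    # interpolated, so it never becomes part of the SQL text.
    where(conditions)
      .where(['lower(username) = :value OR lower(email) = :value', { value: login.to_s.downcase }])
      .first
  end
end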
# config/initializers/devise.rb
# Global default for the keys Devise uses to look up a record at sign-in.
# NOTE(review): the User model shown on this page passes
# authentication_keys [:username] to `devise`, and the permitted sign-in
# parameters are :username and :email, so :login is not the key used for
# User. Confirm which key the sign-in form actually posts and keep the
# three places in agreement.
config.authentication_keys = %i[login]