I've been trying to customize the devise register method to register with more parameters and also update more(no luck so far), but I always get Unpermitted parameters:
error. I tried using this Adding extra registration fields with Devise and https://github.com/plataformatec/devise#strong-parameters, but I cant get over that.
I've also thought about creating a new table to hold a foreign key the user id and put in there stuff like user_id, display_name, profile_picture
, but I would have the same problem when trying to submit everything from the same page(mess with the devise controller).
Do you have any suggestions on how I can solve this? What else do I have to post?
routes.rb
devise_for :users, controllers: { registrations: 'users/registrations' }
users/regC
def create
build_resource(registration_params)
if resource.save
if resource.active_for_authentication?
set_flash_message :notice, :signed_up if is_navigational_format?
sign_up(resource_name, resource)
respond_with resource, :location => after_sign_up_path_for(resource)
else
set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_navigational_format?
respond_with resource, :location => after_sign_up_path_for(resource)
end
else
clean_up_passwords
respond_with resource
end
end
private
def registration_paramss
params.require(:user).permit(:email, :display_name, :terms_of_services, :profile, :password, :password_confirmation)
end
Looks like you just need to tell devise which parameters should be permitted. By default, devise permits the email (or username depending on configuration), password and password_confirmation params. You just need to add more.
The devise documentation suggests a "lazy way" of setting this up.
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:display_name])
end
end
The documentation then says that
If you have nested attributes (say you're using
accepts_nested_attributes_for
), then you will need to tell devise about those nestings and types.
Only if you need to override the registrations#create
action you should provide your custom route for devise. In that case, make sure you override the sign_up_params
method too.
class Users::RegistrationsController < Devise::RegistrationsController
def create
# Your custom code here. Make sure you copy devise's functionality
end
private
# Notice the name of the method
def sign_up_params
params.require(:user).permit(:display_name, :email, :password, :password_confirmation)
end
end
In essence, you'd have to look into how your sign up form is posting the parameters to figure out how to configure strong parameters in the controller. Make sure you read on strong parameters syntax as well.
Hope it helps!