How to verify a user's password in Devise

ruby-on-rails devise
poporul picture poporul · Dec 1, 2010 · Viewed 55.4k times · Source

I'm having a problem matching user password using devise gem in rails. User password stored on my db which is encrypted_password and i am trying to find user by password, but I don't understand how to match password from form and encrypted_password in my db.

User.find_by_email_and_password(params[:user][:email], params[:user][:password])

Answer

joshaidan picture joshaidan · Dec 6, 2010

I think this is a better, and more elegant way of doing it:

user = User.find_by_email(params[:user][:email])
user.valid_password?(params[:user][:password])

The other method where you generate the digest from the user instance was giving me protected method errors.

Related questions

Override devise registrations controller

I have added a field to the sign-up form that is based on a different model, see How do I use nested attributes with the devise model for the gory details. This part is working fine. The problem now is …

Read More
No route matches "/users/sign_out" devise rails 3

I've installed devise on my app and applied the following in my application.html.erb file: <div id="user_nav"> <% if user_signed_in? %> Signed in as <%= current_user.email %>. This cannot be cheese? &…

Read More
"WARNING: Can't mass-assign protected attributes"

I have used RESTful techniques to generate a model (in fact, I am using Devise gem, which does that for me), and I have added new fields called first_name and last_name to the model. Migration went fine. I …

Read More