Reputation: 11336
devise + rails 4 + strong parameters inside registration controller
I have a custom devise RegistrationController#create action that set some attributes behind the scenes (lat, lng, city and country). Now that I'm using strong parameters, the problem is that is not recognising these attributes that are inside the create method. It is ok as long as they're in the form page but I want to avoid that since I'm not giving that information to fill, but rather detect it automatically.
def create
build_resource(sign_up_params)
resource.lat = current_latitude
resource.lng = current_longitude
resource.city = current_city
resource.country = current_country_code
if resource.save
cookies.delete(:valid_subscription)
if resource.active_for_authentication?
set_flash_message :notice, :signed_up if is_navigational_format?
sign_up(resource_name, resource)
respond_with resource, :location => after_sign_up_path_for(resource)
else
set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_navigational_format?
expire_session_data_after_sign_in!
respond_with resource, :location => after_inactive_sign_up_path_for(resource)
end
else
clean_up_passwords resource
respond_with resource
end
end
And In ApplicationController I have this
before_filter :configure_permitted_parameters, if: :devise_controller?
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) do |u|
u.permit(:username, :email, :password, :password_confirmation, :birthdate, :sex, :interested_list, :lat, :lng)
end
devise_parameter_sanitizer.for(:account_update) do |u|
u.permit(:username, :email, :password, :password_confirmation, :lat, :lng)
end
end
Any idea what I'm doing wrong and how to whitelist those attributes to pass?
I'm using devise 3.0.0 and Rails 4.0.0.
Upvotes: 0
Views: 1311
Answers (1)
Reputation: 11336
The answer was I declared devise_scope :users do instead of devise_scope :user do on my routes.
Took me almost all day to figure it out!
Upvotes: 1
Related Questions
- Rails Devise, extra params don't work in RegistrationsController
- Adding custom parameters to devise registration - unpermitted parameters
- Devise and Strong Parameters
- Passing arbitrary parameters on user registration with Devise
- Strong parameters with Rails and Devise
- Devise: Ability to pass parameters to the registrations#sign_up action
- Devise 3 Rails 4 Unpermitted parameters
- Using Strong Parameters With Devise
- Devise not saving parameters that are already sanitized in App Controller Rails 4
- Rails 4 and Devise - User registration via JSON API