Reputation: 13444
Password being removed from parameters in my controller despite being allowed
In my KidsController I have
def kid_params
params.require(:kid).permit(:firstname,
:lastname,
:gender,
:pseudo,
:birthdate,
:avatar,
:password,
:longitude,
:latitude,
:parent_id)
end
While kid is defined as follow:
class Kid < ActiveRecord::Base
has_secure_password
end
However when I try to POST a json to create a new Kid, I get a password cannot be blank error.
The log shows:
Started POST "/kids" for 127.0.0.1 at 2015-05-12 14:28:34 +0900 Processing by KidsController#create as HTML Parameters: {"firstname"=>"testpaw", "lastname"=>"qwdqwd", "password"=>"[FILTERED]", "kid"=>{"firstname"=>"testpaw", "lastname"=>"qwdqwd"}}
But once I get to the actual create method, my parameters have been reduced to {"firstname":"testpaw","lastname":"qwdqwd"}
What is filtering password from my parameters? Creating a Kid from rails console works fine...
Upvotes: 0
Views: 135
Answers (1)
Reputation: 1060
In your current setup, the password is filtered because it is not part of the kid namespace. If it should be part of the kid namespace, then you need to change this in your view.
Upvotes: 2
Related Questions
- bcrypt wrong number of arguments error
- BCrypt InvalidHash with Clearance password resets
- Trouble with Rails and BCrypt has_secure_password
- Rails- not able to save user's password bcrypt
- BCrypt authentication always failing RAILS
- Rails authentication error using bcrypt
- Can't authenticate on Rails with BCrypt - password hashes are different
- Cannot get BCrypt autentication to work
- Rails 4.1.0 and authlogic bcrypt issue
- Password can't be blank, Bcrypt