[RAILS] Enable strong parameters in devise

Methods to write when using devise, which I am not good at personally. As a memorandum

devise_parameter_sanitizer method

private
def configure_permitted_parameters 
  #Allow parameters for devise User model
  devise_parameter_sanitizer.permit(:devise process name, keys: [:Keys to allow])
end

The strong parameter is described in the controller, but the controller that processes devise is described in the Gem, so it cannot be edited. Also, if you implement the login function with devise, in addition to params, you will also receive parameters that are different from params. You need a way to reflect strong parameters in the devise controller and a way to get devise-specific parameters.

devise_parameter_sanitizer method

Parameters can be obtained from requests such as "login" and "new registration" related to devise's User model. By combining this method with the permit method, you can also specify and include newly added columns for the strong parameters defined in devise.

private
def configure_permitted_parameters  #Method names are customary
  #Allow parameters for devise User model
  devise_parameter_sanitizer.permit(:devise process name, keys: [:Keys to allow])
end

devise permit adds parameters to allow by specifying the key in the array for the key of devise processing name in the first argument and keys in the second argument.

devise process name

Method Use
:sign_in When processing login
:sign_up When processing new registration
:account_update When processing account information update

Allows the acquisition of parameters with the same name as the name specified by keys in the second argument for the process specified in the first argument. The name attribute value of each form part described in the view is the key of the parameter submitted from the form. The code to add a strong parameter to devise cannot be edited by devise's controller, so ⇩ Write it in application_controller like this.

class ApplicationController < ActionController::Base
  before_action :configure_permitted_parameters, if: :devise_controller?

  private
  def configure_permitted_parameters
    devise_parameter_sanitizer.permit(:sign_up, keys: [:name])
  end
end

"if :: devise_controller?" Is if the controller processing related to devise Only then will the configure_permitted_parameters method be executed. Description. Even if the process is read by other tweets controller etc., it is not executed.

The above memorandum.

Recommended Posts

Enable strong parameters in devise
[Strong parameters]
[Rails] Add strong parameters to devise
Summary of strong parameters
About rails strong parameters
[rails] What are Strong Parameters?
ActiveRecord :: NotNullViolation in Devise error
Helper methods available in devise
About methods often used in devise
[Rails] Session timeout setting in devise
Enable jQuery and Bootstrap in Rails 6 (Rails 6)
[rails] Login screen implementation in devise
[Rails] Unexpected validation error in devise
Set up pre-login routing in Devise
How to get parameters in Spark
About require when setting strong parameters
Check Java parameters in Kubernetes pods