[RUBY] How to update user edits in Rails Devise without entering a password

How to update user edits in Rails Devise without entering a password

Here's how to update your user information in Devise without entering your current password.

table of contents

Operating environment

OS : macOS Mojave 10.14.6 ruby : 2.6.5p114 rails : 5.2.4 devise : 4.7.1

Prerequisites

Suppose you have already completed the steps from installing the gem to creating the view.

  1. devise gem installed
  2. rails generate devise installed
  3. rails generate devise: views completed
  4. Non-default columns such as name have been added to the users table

Outline of procedure

[STEP1. Added strong parameter for new registration to ʻapplication_controller`] (#Setting strong parameters for new registration)

[STEP2. Create registrations_controller.rb incontrollers / users /, add strong parameters to update, fix routing](# update strong parameter settings)

[STEP3. Describe the method for updating without password in registrations_controller.rb and ʻuser.rb`](#Define the method for updating without password)

[STEP4. Remove the current_password field from the View](Remove the current_password field from the #view file)

Detailed procedure

Setting strong parameters for new registration

At present, the name parameter added later is repelled by the strong parameter. Put the following code in application_controller.

application_controller.rb


class ApplicationController < ActionController::Base
 before_action :configure_permitted_parameters, if: :devise_controller?

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.permit(:sign_up, keys: [:name])
  end
end

If you check it on the console, you can receive the name parameter and create a user.

irb(main):001:0> User.create(name: 'abc' , email:'[email protected]',password:'123456')
   (1.3ms)  COMMIT
=> #<User id: 2, email: "[email protected]", created_at: "2020-05-30 10:41:46", updated_at: "2020-05-30 10:41:46", name: "abc">

Next, put the input field of name in view.

html:new.html.erb


<h2>Sign up</h2>

<%= form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
<%= render "devise/shared/error_messages", resource: resource %>

<div class="field">
  <%= f.label :email %><br />
  <%= f.email_field :email, autofocus: true, autocomplete: "email" %>
</div>

//add to
<div class="field">
  <%= f.label :name %><br />
  <%= f.text_field :name, autofocus: true, autocomplete: "name" %>
</div>

<div class="field">
  <%= f.label :password %>
  <% if @minimum_password_length %>
  <em>(<%= @minimum_password_length %> characters minimum)</em>
  <% end %><br />
  <%= f.password_field :password, autocomplete: "new-password" %>
</div>

<div class="field">
  <%= f.label :password_confirmation %><br />
  <%= f.password_field :password_confirmation, autocomplete: "new-password" %>
</div>

<div class="actions">
  <%= f.submit "Sign up" %>
</div>
<% end %>

<%= render "devise/shared/links" %>

This completes the new user registration.

Setting strong parameters for updates

Then add a name field to the user edit view as well.

html:edit.html.erb


//add to
<div class="field">
  <%= f.label :name %><br />
  <%= f.text_field :name, autofocus: true, autocomplete: "name" %>
</div>

You can see that pressing the update button here does not update the name.

Therefore, create ʻusers / registrations_controller.rb` to update the name column, and write as follows.

registrations_controller.rb


class Users::RegistrationsController < Devise::RegistrationsController
  before_action :configure_account_update_params, only: [:update]

  protected

  def configure_account_update_params
    devise_parameter_sanitizer.permit(:account_update, keys: [:name])
  end
end

Then modify the routing to reference this registartions_controller.

routes.rb


Rails.application.routes.draw do
  root 'blogs#index'
  #changes
  devise_for :users, controllers: {
    registrations: 'users/registrations'
  }
  resources :blogs
  end

Then the Name column of Users can be updated.

Define a method to update without a password

However, at the moment, if you do not enter the current_password, an error will occur during update. image.png

So, first, define a method to update the user model without a password.

user.rb


class User < ApplicationRecord
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :validatable

  //Method to add
  def update_without_current_password(params, *options)
    params.delete(:current_password)

    if params[:password].blank? && params[:password_confirmation].blank?
      params.delete(:password)
      params.delete(:password_confirmation)
    end

    result = update_attributes(params, *options)
    clean_up_passwords
    result
  end
end

Then call ʻupdate_without_password from registrations_controller`.

registrations_controller.rb


class Users::RegistrationsController < Devise::RegistrationsController
  before_action :configure_account_update_params, only: [:update]

  protected
  //add to(Mandatory)
  def update_resource(resource, params)
    resource.update_without_password(params)
  end

  //Method that redirects to the top screen after update, although not required
  def after_update_path_for(_resource)
    blogs_path
  end

  def configure_account_update_params
    devise_parameter_sanitizer.permit(:account_update, keys: [:name])
  end
end

Remove the current_password field from the view file

Remove current_password from the view file.

html:edit.html.erb


//Delete
<div class="field">
  <%= f.label :current_password %> <i>(we need your current password to confirm your changes)</i><br />
  <%= f.password_field :current_password, autocomplete: "current-password" %>
</div>

result

image.png

You can see that the user name has been updated without any errors.

image.png

Recommended Posts

How to update user edits in Rails Devise without entering a password
How to update devise user information without a password
It was surprisingly easy. How to update user information without entering a password
How to insert a video in Rails
[Rails] How to log in with a name by adding a devise name column
[Rails] How to get the user information currently logged in with devise
How to implement a like feature in Rails
How to easily create a pull-down in Rails
How to make a follow function in Rails
How to implement a like feature in Ajax in Rails
Introduce devise in Rails to implement user management functionality
[How to insert a video in haml with Rails]
How to write a date comparison search in Rails
[Rails 6] How to set a background image in Rails [CSS]
[Rails] How to load JavaScript in a specific view
[Ruby/Rails] How to generate a password in a regular expression
[Rails] How to install devise
How to display a graph in Ruby on Rails (LazyHighChart)
Super easy in 2 steps! How to install devise! !! (rails 5 version)
[Rails] How to use gem "devise"
[Rails] How to use devise (Note)
[Rails] How to write in Japanese
[Rails] [Devise] Edit profile without password
How to introduce jQuery in Rails 6
How to install Swiper in Rails
How to rename a model with foreign key constraints in Rails
[Rails 5] How to display the password change screen when using devise
How to implement search functionality in Rails
How to change app name in rails
How to use custom helpers in rails
Steps to set a favicon in Rails
[rails] How to configure routing in resources
[rails] How to create a partial template
How to implement ranking functionality in Rails
[Note] How to use Rails 6 Devise + cancancan
How to publish a library in jCenter
How to use credentials.yml.enc introduced in Rails 5.2
[Rails] How to translate devise into Japanese
How to implement a slideshow using slick in Rails (one by one & multiple by one)
[Rails] Use devise to get information about the currently logged in user
[Rails] How to pass validation such as password when executing update action
[Ruby on Rails] How to log in with only your name and password using the gem devise
Rails: How to write a rake task nicely
Convert to a tag to URL string in Rails
[Rails] devise customization. How to change the redirect page after user registration and editing, and how to skip password input when editing
[Rails] How to write when making a subquery
[Rails] How to create a graph using lazy_high_charts
Implement user edit / update function without using devise
How to display a web page in Java
[Rails] How to use select boxes in Ransack
How to get the ID of a user authenticated with Firebase in Swift
[Rails6] How to connect the posting function generated by Scaffold with the user function generated by devise
How to prevent direct URL typing in Rails
[Rails] How to get rid of flash messages in a certain amount of time
How to run a djUnit task in Ant
How to add a classpath in Spring Boot
How to update pre-built files in docker container
How to create a theme in Liferay 7 / DXP
How to separate .scss by controller in Rails
How to conditionally add html.erb class in Rails
How to store data simultaneously in a model associated with a nested form (Rails 6.0.0)