I know this question has been asked several times already and every answer leads to devise wiki, but I can't get it to work. I followed the wiki and some other posts here, but no luck. I want to let the user update his info (email. username. name, etc) without having to type the password every time.
My registrations_controller.rb look like this:
class RegistrationsController < Devise::RegistrationsController
def update
# required for settings form to submit when password is left blank
if params[:user][:password].blank?
params[:user].delete("password")
params[:user].delete("password_confirmation")
end
@user = User.find(current_user.id)
if @user.update_attributes(params[:user])
# Sign in the user bypassing validation in case his password changed
sign_in @user, :bypass => true
redirect_to root_path
else
render "edit"
end
end
end
and my routes.rb look like this:
Sparechef::Application.routes.draw do
get "users/profile"
devise_for :users
devise_for :controllers => { :registrations => "registrations" }
resources :dashboard
root to: "home#index"
match "profile" => "users#profile"
end
I still get the message "Current password can't be blank". If I update my routes to follow devise wiki with devise_for :users, :controllers => { :registrations => "registrations" } I get this error:
Can't mass-assign protected attributes: current_password
Does anybody know how to get this to work?
current_passwordneeds to be inattr_accessorin addition toattr_accessible. Otherwise you'll get the errorunknown attribute: current_password. – evanrmurphy