Here is the setup:
~/.rvm/gems/ruby-2.1.2/gems/devise-3.2.4
~/.rvm/gems/ruby-2.1.2/gems/rails-4.1.1
~/.rvm/gems/ruby-2.1.2/gems/mongoid-f9e6fdb1a67c
I'm facing an awful error with Devise which never accepts signing a user in except after confirmation.
I use default devise views for sign in / sign up. I overrode two controllers: confirmation, to allow setting up a password from confirmable email as explained in Devise's FAQ and it works like a charm.
I also overrode registration controller to configure permitted parameters for strong parameters as explained in Devise FAQ and this also works like a charm.
Here are my routes:
as :user do
patch '/users/confirmation' => 'confirmations#update', :via => :patch, :as => :update_user_confirmation
end
devise_for :users, controllers: { :confirmations => 'confirmations', :registrations => 'registrations' }
Here is my User
resource:
class User
include Mongoid::Document
devise :database_authenticatable, :registerable,
:recoverable, :trackable, :validatable,
:confirmable, :lockable, :timeoutable
#required fields
end
So, when creating a user, confirmation mail is sent, confirmation page shows up, user can set his password (which is indeed written in database (checked from console)) and is then signed in and redirected properly.
Now, if I log the user out and try to log in, I always face the error Invalid email or password
and get redirected back to sign_in page.
I tried tracking where the problem was and all I could find was that lines beyond
self.password = auth_values[:password]
of authenticatable#with_authentication_hash
strategy were never hit (even though auth_values[:password]
is carrying the right password).
I have no idea what can go wrong with that line. Any clue is more than welcome.
========================= EDITED =========================
Here is the registraction controller:
class RegistrationsController < Devise::RegistrationsController
#https://github.com/plataformatec/devise/tree/v3.0.0.rc#strong-parameters
before_filter :configure_permitted_parameters
layout 'public'
private
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up){ |params| params.permit(:first_name, :email) }
end
end