Current Password Can't Be Blank When Updating Devise Account

Current password can't be blank even when password is entered

I think current_password parameter is not permitted, please check your console logs. It will show unpermitted parameter.
Try to permit it via devise registration controller or in your application controller in configure_permitted_parameters method. Hope it will work.

Still getting Current password can't be blank in Registration Edit after following wiki

You have update_with_password twice. The second time should be update_without_password.

Devise update user without password

Is this what you're look for? From the Devise wiki

Allow users to edit their account without providing a password

It shows how to do it for rails 3 and rails 4

=======================

John's solution is a simpler alternative

Devise let me to change new password as empty

Reading your question I was a bit surprised about this behavior. But looking at the source code I could confirm that this behavior is expected and describe in a comment in the code:

# This method also rejects the password field if it is blank (allowing
# users to change relevant information like the e-mail without changing
# their password). In case the password field is rejected, the confirmation
# is also rejected as long as it is also blank.

I have mixed feelings about how to handle it. I would probably not show an error message because when the user didn't enter a new password they probably would not expect the password to change.

But another way to handle the error message could be to not handle that case in the method at all but to use a before_action:

before_action :ensure_new_password_provided, only: :update_password

private

  def ensure_new_password_provided
    return if params[:user][:password].present?
    redirect_to settings_path, alert: "blank pswd"
  end

Devise says 'Password Can't be Blank' on a API request - Rails API

Your CURL request seems incorrect.

curl -i -H "Accept: application/json" -H "Content-type: application/json" -X POST -d '{"name":"oi", "email":"oi2@gmail.com","password":"123456", "password_confirmation":"123456"}' http://localhost:3000/api/clients

This does not put the client attributes under client as expected. Try this instead:

curl -i -H "Accept: application/json" -H "Content-type: application/json" -X POST -d '{"client":{"name":"oi", "email":"oi2@gmail.com","password":"123456", "password_confirmation":"123456"}}' http://localhost:3000/api/clients

using devise with rails: current_password being sanitized?

This is an issue I've had trouble in the past with, and something that requires a little bit of a work-around. By default, Devise's :registerable module allows a user to change their information, and requires the :password and :password_confirmation parameters to be entered. As I understand it, you're trying to require the user to enter and confirm their :current_password.

In order to implement the behavior you're looking for, you'll have to override Devise's RegistrationsController. I also don't think you'll need the PasswordsController, since Devise's RegistrationsController handles that for you. You'll need to write and implement a method that checks the validity of the user's :current_password, and then redirects them to the right places via the update action. You can write the following private method in your Users::RegistrationController class:

def needs_password?(user, params)
  user.email != params[:user][:email] || 
   params[:user][:password].present? || 
   params[:user][:password_confirmation].present?
end

Then revise your update method in User::RegistrationsController as follows:

class Users::RegistrationsController < Devise::RegistrationsController
  def update
    @user = User.find(current_user.id)

    successfully_updated = if needs_password?(@user, params)
      @user.update_with_password(devise_parameter_sanitizer.sanitize(:account_update))
    else
      # remove the virtual current_password attribute
      # update_without_password doesn't know how to ignore it
      params[:user].delete(:current_password)
      @user.update_without_password(devise_parameter_sanitizer.sanitize(:account_update))
    end

    if successfully_updated
      set_flash_message :notice, :updated
      # Sign in the user bypassing validation in case their password changed
      sign_in @user, :bypass => true
      redirect_to after_update_path_for(@user)
    else
      render "edit"
    end
  end

Hopefully that will help. You can also refer to Devise's documentation on how to do this: https://github.com/plataformatec/devise/wiki/How-To%3a-Allow-users-to-edit-their-account-without-providing-a-password.


Related Topics

Parsing a CSV File Using Different Encodings and Libraries

Rails3 Scope for Count of Children in Has_Many Relationship

More Ruby Way of Doing Project Euler #2

Sql Like Operator in Ruby on Rails

Ruby: Check If Object Is Nil

What Does / Mean in Ruby

Explanation of Ruby Code for Building Trie Data Structures

Sinatra Not Persisting Session with Redirect on Chrome

Running "Bundle Install" Fails and Asks Me to Run "Bundle Install"

How to Open File in Default Application. Ruby

How to Fix Difference in Behavior of Activesupport 3.0.0 Compare to 2.X

Error While Starting Puma Server with Workers

How to Convert JSON to Xml in Ruby

Homebrew Uninstall Ruby

Reflection in Ruby

Dependent Tests in Rspec

How to Validate Overlapping Times in Rails with Postgresql

Getting a "Connection Reset by Peer" Error When Hitting Google Contacts API


Leave a reply



Submit