Current password can't be blank even when password is entered
I think current_password parameter is not permitted, please check your console logs. It will show unpermitted parameter.
Try to permit it via devise registration controller or in your application controller in configure_permitted_parameters method. Hope it will work.
Still getting Current password can't be blank in Registration Edit after following wiki
You have update_with_password
twice. The second time should be update_without_password
.
Devise update user without password
Is this what you're look for? From the Devise wiki
Allow users to edit their account without providing a password
It shows how to do it for rails 3 and rails 4
=======================
John's solution is a simpler alternative
Devise let me to change new password as empty
Reading your question I was a bit surprised about this behavior. But looking at the source code I could confirm that this behavior is expected and describe in a comment in the code:
I have mixed feelings about how to handle it. I would probably not show an error message because when the user didn't enter a new password they probably would not expect the password to change.# This method also rejects the password field if it is blank (allowing
# users to change relevant information like the e-mail without changing
# their password). In case the password field is rejected, the confirmation
# is also rejected as long as it is also blank.
But another way to handle the error message could be to not handle that case in the method at all but to use a before_action
:
before_action :ensure_new_password_provided, only: :update_password
private
def ensure_new_password_provided
return if params[:user][:password].present?
redirect_to settings_path, alert: "blank pswd"
end
Devise says 'Password Can't be Blank' on a API request - Rails API
Your CURL request seems incorrect.
curl -i -H "Accept: application/json" -H "Content-type: application/json" -X POST -d '{"name":"oi", "email":"oi2@gmail.com","password":"123456", "password_confirmation":"123456"}' http://localhost:3000/api/clients
This does not put the client attributes under client
as expected. Try this instead:curl -i -H "Accept: application/json" -H "Content-type: application/json" -X POST -d '{"client":{"name":"oi", "email":"oi2@gmail.com","password":"123456", "password_confirmation":"123456"}}' http://localhost:3000/api/clients
using devise with rails: current_password being sanitized?
This is an issue I've had trouble in the past with, and something that requires a little bit of a work-around. By default, Devise's :registerable
module allows a user to change their information, and requires the :password
and :password_confirmation
parameters to be entered. As I understand it, you're trying to require the user to enter and confirm their :current_password
.
In order to implement the behavior you're looking for, you'll have to override Devise's RegistrationsController
. I also don't think you'll need the PasswordsController
, since Devise's RegistrationsController
handles that for you. You'll need to write and implement a method that checks the validity of the user's :current_password
, and then redirects them to the right places via the update
action. You can write the following private method in your Users::RegistrationController
class:
def needs_password?(user, params)
user.email != params[:user][:email] ||
params[:user][:password].present? ||
params[:user][:password_confirmation].present?
end
Then revise your update
method in User::RegistrationsController
as follows:class Users::RegistrationsController < Devise::RegistrationsController
def update
@user = User.find(current_user.id)
successfully_updated = if needs_password?(@user, params)
@user.update_with_password(devise_parameter_sanitizer.sanitize(:account_update))
else
# remove the virtual current_password attribute
# update_without_password doesn't know how to ignore it
params[:user].delete(:current_password)
@user.update_without_password(devise_parameter_sanitizer.sanitize(:account_update))
end
if successfully_updated
set_flash_message :notice, :updated
# Sign in the user bypassing validation in case their password changed
sign_in @user, :bypass => true
redirect_to after_update_path_for(@user)
else
render "edit"
end
end
Hopefully that will help. You can also refer to Devise's documentation on how to do this: https://github.com/plataformatec/devise/wiki/How-To%3a-Allow-users-to-edit-their-account-without-providing-a-password.
Related Topics
Parsing a CSV File Using Different Encodings and Libraries
Rails3 Scope for Count of Children in Has_Many Relationship
More Ruby Way of Doing Project Euler #2
Sql Like Operator in Ruby on Rails
Explanation of Ruby Code for Building Trie Data Structures
Sinatra Not Persisting Session with Redirect on Chrome
Running "Bundle Install" Fails and Asks Me to Run "Bundle Install"
How to Open File in Default Application. Ruby
How to Fix Difference in Behavior of Activesupport 3.0.0 Compare to 2.X
Error While Starting Puma Server with Workers
How to Convert JSON to Xml in Ruby
How to Validate Overlapping Times in Rails with Postgresql
Getting a "Connection Reset by Peer" Error When Hitting Google Contacts API