I have my user models validation for password confirmation like this
validate_confirmation_of :password
This add the error message doesn't match to the password field, but I need this error message on the password_confirmation field.
Can this be achieved in any other way.? I need this because, I use client side validations to show errors in form and I want this error to appear on the password_confirmation field rather than on the password field.
You can write a simple custom validation:
class User
validate :password_confirmation_matches_password
def password_confirmation_matches_password
if password != password_confirmation
errors.add(:password_confirmation, "isn't the same")
end
end
end
Related
I have a user registration page and will send the information to couple of admin users that one new user registered in the site.
Now, I created the seed data with list of users (200+). So, It'll send the 200+ email to the respective admin users. Hence, I want to stop send the mail confirmation to admin users when creating new user.
For Devise, add user.skip_confirmation! before saving.
user = User.new(
:email => 'person#example.com',
:password => 'password1',
:password_confirmation => 'password1'
)
user.skip_confirmation!
user.save!
Cite: https://github.com/plataformatec/devise/pull/2296
Another option is to do something like
user = User.new.tap do |u|
u.email = 'email#server.com'
u.password = 'hackme!'
u.password_confirmation = 'hackme!'
u.skip_confirmation!
u.save!
end
In that way, you instantiate the object, skip the confirmation and save it in one step and return it to the user variable.
It's just another way to do the same in one step.
I have had this solution for Omniauth & Github implemented and working fine but sometime in the last few months it stopped working.
The error I'm getting when I try to login is: (422) The change you wanted was rejected.
Specifically in the Heroku logs I'm seeing:
ActiveRecord::RecordInvalid (Validation failed: Password can't be blank):
app/models/user.rb:18:in `create_from_omniauth'
app/models/user.rb:14:in `from_omniauth'
app/controllers/sessions_controller.rb:4:in `create'
Do I need to save the credentials when I create the user?
My user model:
def self.from_omniauth(auth)
where(auth.slice("provider", "uid")).first || create_from_omniauth(auth)
end
def self.create_from_omniauth(auth)
create! do |user|
user.provider = auth["provider"]
user.uid = auth["uid"]
user.name = auth["info"]["nickname"]
user.email = auth["info"]["email"]
user.image = auth["info"]["image"]
end
end
Sessions controller:
class SessionsController < ApplicationController
def create
user = User.from_omniauth(env["omniauth.auth"])
session[:user_id] = user.id
redirect_to root_url, notice: "Signed in!"
end
def destroy
session[:user_id] = nil
redirect_to root_url, notice: "Signed out!"
end
end
Facebook's omniauth error "the change you wanted was rejected"
might appear because of your validations set in the model. I had to refactor my validation for users having one unique email, which wasn't working when a user would try to facebook login with the same email.
Look at your logs. heroku logs -t
It looks like you're either validating presence of the password field in your User model or using has_secure_password, which does that under the covers.
If you're doing that validation yourself, you can just add a clause like :if => :password_changed? to the validation.
If you're using has_secure_password, it depends which version of Rails you're using. Any version with these two changes (I believe only Rails 4) support passing a validations: false option to has_secure_password. Otherwise, there's not really a good solution, other than maybe setting a random dummy password when you create the user then letting them change it immediately.
I had this issue when the time on my gitlab server was out of sync, i restarted ntpd, which corrected the time on the server and the problem was resolved
I have a Rails app where I am using Devise for authentication. Devise lets users click to get an email containing a link to reset their password.
My problem is that the email field is not required in the table "user". There's a login field to authenticate, that is sincronized from another system. I can't set email to required.
I want to verify the email field and return a custom message to the user, if the email is not set. If it is, then Devise will continue and reset the password.
I saw in another post, that I have to override the method "email_required?" in the user model, but I still get the error message "Email cant be blank".
def email_required?
false
end
In your user model you should probably have some kind of validation for email like so
validates_presence_of :email
Also if you wanted to migrate the database to have email as not null it would be like so
change_column :users, :email, :string, :null => false
<%=password_field 'email_setting','emailpasswd' %>
In this #email_setting.emailpasswd has the value password(#email_setting.emailpasswd="password").
But in email_setting form edit the password text box is loaded with empty.Instead of that I need to show some characters(#######) to indicate that the password is already entered.
I'm using Rails 3.
You could also do something like this:
In /config/initializers/my_constants.rb, set a constant with the value that you'd like to display to the user in the password input box.
STARS_PASSWORD = '*******'
In the User model, create a method that we will call from the form to determine what to display to the user inside the password input box.
class User < ActiveRecord::Base
def password_form_value
password.present? ? STARS_PASSWORD : ''
end
end
In the form, display the STARS_PASSWORD as the value on the input form, if in fact the user has already set a password.
<%=form.password_field :password, :value => #user.password_form_value %>
In the UsersController, delete the submitted password before updating if the submitted password is STARS_PASSWORD.
params[:user].delete :password if params[:user][:password] == STARS_PASSWORD
NB: If you have a password validator on the User model (for example, the password needs to have letters and numbers), you will also need to modify that validator to allow STARS_PASSWORD.
This is a security precaution of Rails that password fields are not prepopulated. Otherwise they would be visible in plain text in page source.
If you really want to display it there though, you need to bypass form helpers and fallback to plain HTML:
<input type="password" name="email_setting[emailpasswd]" value="<%= #email_setting.emailpasswd %>" />
However that will not work well if you have your passwords hashed. You can't "decrypt" a hashed password, so you can't show them in plain text here.
password_field renders with nil value by default. This makes the use of passwords secure by default. If you want to render the value of the password_field, you have to do for instance
f.password_field(:password, :value => #user.password)
https://github.com/rails/rails/commit/1851af84c1c7244dc416be9c93a4700b70e801e3
I am using the following code to generate an email address:
sequence :email do |n|
"person#{n}#example.com"
end
Then to generate a user, I use the following code:
factory :user do
sequence(:username) {|n| "person#{n}"}
email { generate :email }
password 'password'
password_confirmation { |u| u.password }
end
However, when I run the test, it always generates "person1#example.com". It never increases to '2'.
I get the error message "person1#example.com" already exists in the database.
How do I get FactoryGirl to increment up?
If you get this message when generating users within single test, then yes, it's the problem with generating unique emails. But you can receive that kind of error message because of test database not being clean (user left over from a former test). If in doubt, check test log.