If you are using Devise gem for authentication and you have been adding custom fields to your model you’ll get in trouble when you try to create a new instance or update an existing one. All your added fields will be treated as unpermitted. The solution for this problem is to customise Devise’s configure_permited_parameters action. All you need to do is to add this action to your Application controller and push parameters that need to be permitted to devise_paremeter_sanitizer array. So let’s say you have a User Model and you have added company_name and website fields to your user’s table, to permit this parameters on sign_up you need to add this to your Application controller:

def configure_permitted_parameters
  devise_parameter_sanitizer.for(:sign_up).push(:company_name, :website)

It is the same principle for the :sign_in and :edit_account. You can see what are default permitted parameters here.

Tags: ruby, rails, devise


comments powered by Disqus