1

I've seen this posted before but haven't found a solution that works for me.

I have tried following the Devise Wiki and have tried the code suggested by others to add to the controller: Editing Users With Devise and Omniauth [Rails]update_without_password does't update user info https://github.com/plataformatec/devise/issues/1620

Problem is that a user signs up via our Twitter Omniauth is unable to update their account info because Devise prompts them for their 'current password' to make changes. Emailing the user their random generated password isn't an option.

What i want to do -

I want to override the Devise controller's 'update' method so that it recognises a Twitter user editing their details for the first time and allows them to skip the 'current password' validation. We assign twitter users a standard email address that can be the variable it checks for. They won't be able to submit the from without changing it.

Still the problem -

I've tried different code blocks in the Registration Controller, but I still am getting redirected back to the from with an error that the current password is incorrect. I'm not even entering into a binding.pry , so it looks like the method is not even being read?

I have tried removing the form input for 'current password' completely, and passing it in hidden with a default value.

thank you for your help!

Routes

Rails.application.routes.draw do

  ActiveAdmin.routes(self)
  # devise_for :users,
  devise_for :users, controllers: { registrations: 'registrations' },
  controllers: { omniauth_callbacks: 'users/omniauth_callbacks' }


  scope '(:locale)', locale: /en|ca|es/ do

    resources :politicians

    resources :posts do
      resources :comments, only:[:new, :create, :edit, :update, :destroy]
      member do
        put "like", to: "posts#upvote"
        put "dislike", to: "posts#downvote"
      end
    end

    get "/about" => "pages#about_us"
    root to: 'pages#home'
  end
  # For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
end

Registrations_Controller.rb

class Users::RegistrationsController < Devise::RegistrationsController

  protected

   def update_resource(resource, params)
    binding.pry
      if current_user.email.include?("email.com")
        params.delete("current_password")
        resource.update_without_password(params)
      else
        resource.update_with_password(params)
      end
    end
end
dan101
  • 63
  • 1
  • 1
  • 6
  • Possible duplicate of [Editing Users With Devise and Omniauth](https://stackoverflow.com/questions/13436232/editing-users-with-devise-and-omniauth) – Gerry Jun 01 '17 at 15:20

1 Answers1

0

You'll want to create a method similar to this one in your registration's controller:

def update_resource(resource, params)
    resource.update_without_password(params)
end

Devise offers a very nice, in-depth wiki article for allowing users to update their account information without entering their password here.

thisischuck
  • 153
  • 1
  • 7
  • 1
    Hi thisischuck, Thanks for your reply. I've followed there steps, but unfortunately I'm directed back to the form with a ''We Need Your Current Password To Confirm Your Changes'' error message. Not sure what I'm missing – dan101 Jun 01 '17 at 17:37
  • Make sure that you restart your server and set your params so that it isn't looking for the password confirmation field. – thisischuck Jun 01 '17 at 17:59