13

I'm hoping that someone else has a good solution for this issue. We let our users register using facebook (by liking an app), and at the same time they enter our database as users on our site.

Upon successful registration it seems like Devise/OmniAuth is creating a random password(?). How can I let users edit their profile, which (and should) by default in Devise requires that they enter their current password?

Emil Ahlbäck
  • 6,085
  • 8
  • 39
  • 54

2 Answers2

9

I had the exact same issue so I hope my solution will be helpful.

Based off the details in your question I am assuming you following the OmniAuth guide in the devise wiki: https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview

In the following method:

def self.find_for_facebook_oauth(access_token, signed_in_resource=nil)
  data = access_token.extra.raw_info
  if user = User.where(:email => data.email).first
    user
  else # Create a user with a stub password. 
    User.create!(:email => data.email, :password => Devise.friendly_token[0,20]) 
  end
end

I changed the logic in the else block because it was creating a new user in the database right away and hashing a password for them:

else # Create new user 
      user =User.new
      user
end

Instead I just made a new user so that after getting the facebook info I direct them to the sign up page where I have their info populated in the form fields where they can edit and create a password.

You will just need to make sure to update your 

def self.new_with_session(params, session)

to add all the relevant facebook information you grabbed for a new user and assign it to the new user object so all those fields are populated with their information in the sign up page. So that after they finish typing their password and adding or changing any info and click submit it create the new user. Hopefully you find this helpful.

This was a mash of ideas for the wiki page on Devise and the railscast omniauth tutorial: http://railscasts.com/episodes/235-omniauth-part-1

Talk2MeGooseman
  • 143
  • 7
  • I suppose that is a good solution. It would be very helpful for me to let the user be created immediately when they connect through facebook though. I guess I could have a boolean field like "hascreatedownpassword" though. Thanks for the idea. – Emil Ahlbäck Feb 11 '12 at 14:29
1

Had a similar problem, but in regards to updating a user profile without password confirmation. Posting a link to it - hope it helps:

stackoverflow - Allowing users to edit accounts without saving passwords in devise

Community
  • 1
  • 1
Todd
  • 145
  • 3
  • 11