添加自定义参数以设计注册-不允许的参数 [英] Adding custom parameters to devise registration - unpermitted parameters
问题描述
我一直在尝试自定义devise注册方法以注册更多参数并更新更多(到目前为止没有运气),但我总是得到不允许的参数:错误。我尝试使用此通过Devise添加额外的注册字段和 https://github.com/plataformatec/devise#strong-parameters ,但我无法克服。
I've been trying to customize the devise register method to register with more parameters and also update more(no luck so far), but I always get Unpermitted parameters: error. I tried using this Adding extra registration fields with Devise and https://github.com/plataformatec/devise#strong-parameters, but I cant get over that.
我还考虑过创建一个新表来保存用户ID的外键,并在其中放入 user_id,display_name,profile_picture之类的东西,但是当尝试从同一页面提交所有内容时(使用devise控制器时会遇到同样的问题)。
I've also thought about creating a new table to hold a foreign key the user id and put in there stuff like user_id, display_name, profile_picture, but I would have the same problem when trying to submit everything from the same page(mess with the devise controller).
您对我如何解决此问题有任何建议吗?我还必须发布什么?
Do you have any suggestions on how I can solve this? What else do I have to post?
routes.rb
routes.rb
devise_for :users, controllers: { registrations: 'users/registrations' }
users / regC
users/regC
def create
build_resource(registration_params)
if resource.save
if resource.active_for_authentication?
set_flash_message :notice, :signed_up if is_navigational_format?
sign_up(resource_name, resource)
respond_with resource, :location => after_sign_up_path_for(resource)
else
set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_navigational_format?
respond_with resource, :location => after_sign_up_path_for(resource)
end
else
clean_up_passwords
respond_with resource
end
end
private
def registration_paramss
params.require(:user).permit(:email, :display_name, :terms_of_services, :profile, :password, :password_confirmation)
end
推荐答案
看起来您只需要告诉devise应该允许哪些参数即可。默认情况下,devise允许电子邮件(或用户名,具体取决于配置),password和password_confirmation参数。您只需要添加更多。
Looks like you just need to tell devise which parameters should be permitted. By default, devise permits the email (or username depending on configuration), password and password_confirmation params. You just need to add more.
设计文档提出了一种懒惰的方式进行设置。
The devise documentation suggests a "lazy way" of setting this up.
class ApplicationController < ActionController::Base
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:display_name])
end
end
文档然后说
如果您具有嵌套属性(例如,您使用的是
accepts_nested_attributes_for),则需要告诉设计有关这些嵌套和类型的信息。
If you have nested attributes (say you're using
accepts_nested_attributes_for), then you will need to tell devise about those nestings and types.
仅当您需要覆盖 registrations#create 操作时,才应提供自定义设计路线。在这种情况下,请确保也重写 sign_up_params 方法。
Only if you need to override the registrations#create action you should provide your custom route for devise. In that case, make sure you override the sign_up_params method too.
class Users::RegistrationsController < Devise::RegistrationsController
def create
# Your custom code here. Make sure you copy devise's functionality
end
private
# Notice the name of the method
def sign_up_params
params.require(:user).permit(:display_name, :email, :password, :password_confirmation)
end
end
从本质上讲,您必须研究注册表单如何发布参数,以弄清楚如何在控制器中配置强参数。确保还阅读 strong参数语法。
In essence, you'd have to look into how your sign up form is posting the parameters to figure out how to configure strong parameters in the controller. Make sure you read on strong parameters syntax as well.
希望有帮助!
这篇关于添加自定义参数以设计注册-不允许的参数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
