27 Mar 2013

Rails4 StrongParameters with Devise and multiple resources

First of all, we override the controllers where we need to explicitly authorize params, in this case PasswordsController and RegistrationsController should accept email, password and password_confirmation by default:

# app/controllers/custom_devise/password_controller.rb

class CustomDevise::PasswordsController < Devise::PasswordsController
  def resource_params
    params.require(resource_name).permit(:email, :password, :password_confirmation)
  end
  private :resource_params
end
# app/controllers/custom_devise/registrations_controller.rb

class CustomDevise::RegistrationsController < Devise::RegistrationsController
  def resource_params
    params.require(resource_name).permit(:name, :email, :password, :password_confirmation)
  end
  private :resource_params
end

Then, we need to tell Devise to use these controllers instead of the default ones:

# config/routes.rb

devise_for :users, controllers: {
  registrations: "custom_devise/registrations",
  passwords: "custom_devise/passwords"
}

devise_for :admins, controllers: {
  registrations: "custom_devise/registrations",
  passwords: "custom_devise/passwords"
}

enjoy :-)

Enjoyed this article? Share it!