Rails 4 Authentication
Solution 1
It is because in rails-4, ActiveModel::MassAssignmentSecurity
has been taken out of ActiveModel. But devise uses attr_accessible, hence to use that, just add the following gem in ur Gemfile and try to load once again.
gem 'protected_attributes'
EDIT:
Now devise is supporting for rails-4. Include this in your Gemfile.
gem 'devise', '3.0.0.rc'
Solution 2
Edit: there is now a Devise version supporting Rails 4: Devise 3.0.0.rc
Previous answer: What I did on my end to make it work just fine is...
In Gemfile:
gem 'devise', github: 'plataformatec/devise', branch: 'rails4'
In generated model, remove the
attr_accessible
stuff.-
Enable Strong Parameters for Devise instead of attr_accessible. To do so, create a new initiliazer with that content:
DeviseController.class_eval do def resource_params unless params[resource_name].blank? params.require(resource_name).permit(:email, :password, :password_confirmation, :remember_me) end end end
Solution 3
Instead of using attr_accessible
with devise in your project, please use accesssibles in following way -
like we have attr_accessible :email, :password, :password_confirmation, :remember_me, then we can convert them in a private method for security reasons:
private
def user_params
params.require(:user).permit(:email, :password, :password_confirmation, :remember_me)
end
Solution 4
It really depends on what you need the gem to do. There are lots of options, and Devise is definitely up there at the top. I would suggest Clearance by Thoughtbot(https://github.com/thoughtbot/clearance). It's very well tested, and frequently updated. For me, it was very useful when I needed the core authentication functionality and not all of the other stuff that comes with gems like Devise!
Related videos on Youtube
Amrit Dhungana
Updated on July 09, 2022Comments
-
Amrit Dhungana almost 2 years
which gem is best for authentication in Rails 4?? I try to use devise but I got problem with it.
.rvm/gems/ruby-2.0.0-p0/gems/activemodel-4.0.0.beta1/lib/active_model/deprecated_mass_assignment_security.rb:14:in `attr_accessible': `attr_accessible` is extracted out of Rails into a gem. Please use new recommended protection model for params(strong_parameters) or add `protected_attributes` to your Gemfile to use old one. (RuntimeError) from /home/leapfrog/projects/kathloc/app/models/user.rb:8:in `<class:User>' from /home/leapfrog/projects/kathloc/app/models/user.rb:1:in `<top (required)>' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:423:in `load' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:423:in `block in load_file' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:615:in `new_constants_in' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:422:in `load_file' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:323:in `require_or_load' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:462:in `load_missing_constant' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:183:in `const_missing' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/inflector/methods.rb:226:in `const_get' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/inflector/methods.rb:226:in `block in constantize' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/inflector/methods.rb:224:in `each' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/inflector/methods.rb:224:in `inject' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/inflector/methods.rb:224:in `constantize' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:534:in `get' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:565:in `constantize' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/devise-1.5.4/lib/devise.rb:261:in `get' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/devise-1.5.4/lib/devise/mapping.rb:77:in `to' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/devise-1.5.4/lib/devise/mapping.rb:72:in `modules' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/devise-1.5.4/lib/devise/mapping.rb:89:in `routes' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/devise-1.5.4/lib/devise/mapping.rb:156:in `default_used_route' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/devise-1.5.4/lib/devise/mapping.rb:66:in `initialize' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/devise-1.5.4/lib/devise.rb:291:in `new' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/devise-1.5.4/lib/devise.rb:291:in `add_mapping' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/devise-1.5.4/lib/devise/rails/routes.rb:193:in `block in devise_for' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/devise-1.5.4/lib/devise/rails/routes.rb:192:in `each' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/devise-1.5.4/lib/devise/rails/routes.rb:192:in `devise_for' from /home/leapfrog/projects/kathloc/config/routes.rb:2:in `block in <top (required)>' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/actionpack-4.0.0.beta1/lib/action_dispatch/routing/route_set.rb:320:in `instance_exec' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/actionpack-4.0.0.beta1/lib/action_dispatch/routing/route_set.rb:320:in `eval_block' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/actionpack-4.0.0.beta1/lib/action_dispatch/routing/route_set.rb:298:in `draw' from /home/leapfrog/projects/kathloc/config/routes.rb:1:in `<top (required)>' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:222:in `load' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:222:in `block in load' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:213:in `load_dependency' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:222:in `load' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/application/routes_reloader.rb:40:in `block in load_paths' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/application/routes_reloader.rb:40:in `each' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/application/routes_reloader.rb:40:in `load_paths' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/application/routes_reloader.rb:16:in `reload!' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/application/routes_reloader.rb:26:in `block in updater' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/file_update_checker.rb:75:in `call' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/file_update_checker.rb:75:in `execute' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/application/routes_reloader.rb:27:in `updater' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/application/routes_reloader.rb:7:in `execute_if_updated' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/application/finisher.rb:69:in `block in <module:Finisher>' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/initializable.rb:30:in `instance_exec' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/initializable.rb:30:in `run' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/initializable.rb:55:in `block in run_initializers' from /home/leapfrog/.rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/tsort.rb:150:in `block in tsort_each' from /home/leapfrog/.rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/tsort.rb:183:in `block (2 levels) in each_strongly_connected_component' from /home/leapfrog/.rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/tsort.rb:219:in `each_strongly_connected_component_from' from /home/leapfrog/.rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/tsort.rb:182:in `block in each_strongly_connected_component' from /home/leapfrog/.rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/tsort.rb:180:in `each' from /home/leapfrog/.rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/tsort.rb:180:in `each_strongly_connected_component' from /home/leapfrog/.rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/tsort.rb:148:in `tsort_each' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/initializable.rb:54:in `run_initializers' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/application.rb:213:in `initialize!' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/railtie/configurable.rb:30:in `method_missing' from /home/leapfrog/projects/kathloc/config/environment.rb:5:in `<top (required)>' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:228:in `require' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:228:in `block in require' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:213:in `load_dependency' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/activesupport-4.0.0.beta1/lib/active_support/dependencies.rb:228:in `require' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/application.rb:187:in `require_environment!' from /home/leapfrog/.rvm/gems/ruby-2.0.0-p0/gems/railties-4.0.0.beta1/lib/rails/commands.rb:45:in `<top (required)>' from bin/rails:4:in `require' from bin/rails:4:in `<main>'
-
Mauro almost 11 yearsI'm really annoyed. Every new rails release has some incompatibities with some gems, I pass my time in resolving these incompatibilities not developing.
-
Starkers over 10 yearsTell me about it. It struck me that Rails is like a dictatorship, with people that have been developing for years the only ones who get a say in how it moves forwards. What about the new guys? Rails 2.0 is a LOT easier to understand than Rails 4.0; it's getting madly esoteric. And you need to get newbies on board if an open source project is going to grow. Abstracting this functionality out into the controller is just stupid. It should be with the model. But you can't say this in an irc. People treat rails like a damn religion. It was a stupid idea to do this and they should change it back.
-
-
Benjamin about 11 yearsRuby considers # a comment. Looks like you are commenting out #{file_name}_params. Does this work for you?
-
Paul Annesley about 11 yearsActiveModel::MassAssignmentSecurity was removed for good reason; it's fundamentally flawed, and has been replaced by strong_parameters. So it's probably best not to recommend blindly bringing it back with the protected_attributes gem. No doubt Devise will (or has already) become compatible with Rails 4 without MassAssignmentSecurity.
-
Sjors Provoost almost 11 yearsDevise 3.0.0rc supports Rails 4.
-
Amit Suroliya almost 11 years@Vezu please use "#{file_params}" istead of #{file_params}.
-
Sagar Bommidi almost 11 yearsYes, now it is supporting for rails-4, but when i gave the answer to the above post, the development for enhancement was in progress.
-
speedynomads almost 11 yearsThanks. Adding gem 'protected_attributes' to my Gemfile let me use attr_accessible on rails4/ruby1.9.3.
-
illusionist over 8 yearsI dont think neither
def #{file_name}_params
nordef "#{file_name}_params"
is valid in ruby -
Amit Suroliya over 8 years@illusionist......I am agree with you, But i am here giving example. Now, I am updating my answer.