Geek Answers Handbook

OmniAuth and Devise how to set additional passwords

I use OmniAuth and Devise to authenticate users. I would like for users who signed up with OmniAuth providers to be able to set an optional password (required for API authentication), but I ran into a wall.

If a user creates an account through OmniAuth and tries to set a password, she receives the following error:

BCrypt::Errors::InvalidHash in RegistrationsController#update

I believe this is because the password is empty. What a good way to get around this? I was thinking of generating a random password, but the problem with this approach is that the user needs to know the current password in order to edit the settings.

Edit : I looked at letting the user change the settings without having to use the current password and what I would like to do only if the user did not have a password at first.

+5
source share
4 answers

I assume that you do not need a simple exit, which will simply reset the password if they want to set it?

user.send_reset_password_instructions

+3
source

An alternative is to add the following user model to your class to bypass password verification, if there is no password to verify, where the provider is some field that is set when using external authentication.

def valid_password?(password)  
  !provider.nil? || super(password)  
end
+5

This is a bit late, but it may help someone else, and Andrew will reply that you can create a password and save it in the database, but you cannot log in using your email and a new password, resolving this by setting:

  def valid_password
    !provider.nil? && !encrypted_password.present? || super
  end
+1
source

Another alternative. You do not need to include a new field. Just catch the exception and return false. Here is the code.

def valid_password?(password)
   begin
      super(password)
   rescue BCrypt::Errors::InvalidHash
      return false
   end
end

That should do the job.

0
source

More articles:


All Articles