我的应用程序控制器文件
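# Base controller for the application. Turns on CSRF protection for every
# controller that inherits from it and sets the strong-parameter allowlists
# used by Devise's controllers so the custom :username attribute is accepted.
class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

  # Only Devise's own controllers go through the parameter sanitizer, so the
  # hook is skipped everywhere else.
  before_action :configure_permitted_parameters, if: :devise_controller?

  protected

  # Defines which request parameters Devise may mass-assign for each action.
  #
  # The block form REPLACES Devise's default allowlist for the action instead
  # of extending it, so every key the action needs must be listed here. Keep
  # each list limited to attributes a user is allowed to set for themselves.
  #
  # @return [void]
  def configure_permitted_parameters
    devise_parameter_sanitizer.permit(:sign_up) do |u|
      u.permit(:username, :email, :password, :password_confirmation, :remember_me)
    end

    # NOTE(review): :password_confirmation is not used when signing in; it is
    # kept only to preserve the existing allowlist.
    devise_parameter_sanitizer.permit(:sign_in) do |u|
      u.permit(:username, :email, :password, :password_confirmation, :remember_me)
    end

    # :current_password has to be allowlisted here. The stock registrations
    # controller (routes use a plain `devise_for :users`) re-checks the current
    # password before applying an account update; without this key the value is
    # stripped and every update is rejected with a blank current password.
    devise_parameter_sanitizer.permit(:account_update) do |u|
      u.permit(:email, :password, :password_confirmation, :current_password, :remember_me)
    end
  end
end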
我的 routes.rb 文件
# Route table: Devise's authentication endpoints for the User model plus the
# pages served by PagesController.
Rails.application.routes.draw do
  # Mounts the stock Devise controllers (sessions, registrations, passwords)
  # for :users; no custom controllers are configured.
  devise_for :users

  root to: 'pages#index'

  # NOTE(review): routes do not restrict access by themselves. If 'profile' is
  # meant for signed-in users only, PagesController (not shown) needs an
  # authentication filter such as Devise's `authenticate_user!` - confirm.
  get 'home',    to: 'pages#home'
  get 'profile', to: 'pages#profile'
  get 'explore', to: 'pages#explore'
end
我的迁移文件
# Creates the users table with the columns required by the Devise modules in
# use (database_authenticatable, recoverable, rememberable, trackable). The
# confirmable and lockable columns are left commented out.
class DeviseCreateUsers < ActiveRecord::Migration
  def change
    create_table :users do |t|
      ## Database authenticatable
      # encrypted_password stores the password digest produced by Devise, never
      # the plain-text password.
      t.string :email,              default: '', null: false
      t.string :encrypted_password, default: '', null: false

      ## Recoverable
      t.string   :reset_password_token
      t.datetime :reset_password_sent_at

      ## Rememberable
      t.datetime :remember_created_at

      ## Trackable
      # The sign-in IP columns hold personal data; retention and access to them
      # should follow the application's privacy requirements.
      t.integer  :sign_in_count, null: false, default: 0
      t.datetime :current_sign_in_at
      t.datetime :last_sign_in_at
      t.string   :current_sign_in_ip
      t.string   :last_sign_in_ip

      ## Confirmable
      # Disabled: e-mail addresses are not verified at sign-up.
      # t.string   :confirmation_token
      # t.datetime :confirmed_at
      # t.datetime :confirmation_sent_at
      # t.string   :unconfirmed_email # Only if using reconfirmable

      ## Lockable
      # Disabled: accounts are not locked after repeated failed sign-ins, so
      # any throttling of password guessing has to come from elsewhere.
      # t.integer  :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
      # t.string   :unlock_token # Only if unlock strategy is :email or :both
      # t.datetime :locked_at

      t.timestamps null: false
    end

    # Unique indexes enforce one account per e-mail address and one row per
    # password-reset token at the database level.
    %i[email reset_password_token].each do |column|
      add_index :users, column, unique: true
    end
    # add_index :users, :confirmation_token, unique: true
    # add_index :users, :unlock_token,       unique: true
  end
end
我的添加用户名列迁移
# Adds a nullable username column to users together with a unique index.
class AddUsernameToUsers < ActiveRecord::Migration
  def change
    change_table :users do |t|
      t.string :username
      # NOTE(review): on most databases a plain unique index compares
      # case-sensitively, so "Alice" and "alice" would count as two different
      # usernames. If usernames identify people to each other, consider
      # normalising case before saving - confirm against the User model.
      t.index :username, unique: true
    end
  end
end
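<%# Devise sign-up form (Bootstrap markup). form_for adds the CSRF authenticity
    token that protect_from_forgery checks on submit. %>
<%= bootstrap_devise_error_messages! %>
<div class="panel panel-default devise-bs">
  <div class="panel-heading">
    <h4><%= t('.sign_up', default: 'Sign up') %></h4>
  </div>
  <div class="panel-body">
    <%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { role: 'form' }) do |f| %>
      <div class="form-group">
        <%= f.label :username %>
        <%# Bound to :username. This input used to be bound to :email, so the
            form posted the e-mail attribute twice and never sent a username;
            the permitted-parameter list had nothing to pass through and the
            column stayed nil. %>
        <%= f.text_field :username, autofocus: true, class: 'form-control' %>
      </div>
      <div class="form-group">
        <%= f.label :email %>
        <%= f.email_field :email, class: 'form-control' %>
      </div>
      <div class="form-group">
        <%= f.label :password %>
        <%= f.password_field :password, class: 'form-control' %>
      </div>
      <div class="form-group">
        <%= f.label :password_confirmation %>
        <%= f.password_field :password_confirmation, class: 'form-control' %>
      </div>
      <%= f.submit t('.sign_up', default: 'Sign up'), class: 'btn btn-primary' %>
    <% end %>
  </div>
</div>
<%= render 'devise/shared/links' %>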
因此，即使使用了强参数，通过浏览器添加的用户名也不会反映在数据库中。
控制台中的查询结果如下：
irb(main):001:0> u = User.all
User Load (20.0ms) SELECT "users".* FROM "users"
=> #<ActiveRecord::Relation [#<User id: 1, email: "testuser@test.com", created_at: "2017-07-05 19:42:19", updated_at: "2017-07-05 21:11:38", username: nil>, #<User id: 2, email: "ajha@test.com", created_at: "2017-07-06 08:45:18", updated_at: "2017-07-06 08:45:18", username: nil>, #<User id: 3, email: "akasd@test.com", created_at: "2017-07-06 08:56:15", updated_at: "2017-07-06 08:56:15", username: nil>, #<User id: 4, email: "rcontest@test.com", created_at: "2017-07-06 09:23:55", updated_at: "2017-07-06 09:23:55", username: nil>]>