app/controllers/users/registrations_controller.rb
class Users::RegistrationsController < Devise::RegistrationsController
prepend_before_filter :require_no_authentication, only: [ :new, :create, :cancel ]
prepend_before_filter :authenticate_scope!, only: [:edit, :update, :destroy]
# POST /resource
def create
build_resource(sign_up_params)
resource.name = params[:user][:name]
resource.save
yield resource if block_given?
if resource.persisted?
if resource.active_for_authentication?
set_flash_message :notice, :signed_up if is_flashing_format?
sign_up(resource_name, resource)
respond_with resource, location: after_sign_up_path_for(resource)
else
set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_flashing_format?
expire_data_after_sign_in!
respond_with resource, location: after_inactive_sign_up_path_for(resource)
render 'new'
end
else
clean_up_passwords resource
# set_minimum_password_length
respond_with resource
end
end
def update
@user = User.find(current_user.id)
successfully_updated = if needs_password?(@user, params)
@user.update_with_password(account_update_params)
# Rails 3: @user.update_with_password(params[:user])
else
# remove the virtual current_password attribute update_without_password
# doesn't know how to ignore it
params[:user].delete(:current_password)
@user.update_without_password(account_update_params)
# Rails 3: @user.update_without_password(params[:user])
end
if successfully_updated
set_flash_message :notice, :updated
# Sign in the user bypassing validation in case his password changed
sign_in @user, :bypass => true
redirect_to after_update_path_for(@user)
else
render 'edit'
end
end
private
def needs_password?(user, params)
user.email != params[:user][:email] ||
params[:user][:password].present?
end
end