Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

The session param is blocked, devise config doesn't solve it. ("Unpermitted parameter: session") #35

Closed
gbrl opened this issue Sep 28, 2016 · 4 comments

Comments

@gbrl
Copy link

gbrl commented Sep 28, 2016

I added :session to the permissable params, but it doesn't seem to have any effect. I still get a "Unpermitted parameter: session" message:

Started POST "/auth/sign_in" for 127.0.0.1 at 2016-09-28 01:01:41 -0400
Processing by DeviseTokenAuth::SessionsController#create as JSON
  Parameters: {"email"=>"[email protected]", "password"=>"[FILTERED]", "session"=>{"email"=>"[email protected]", "password"=>"[FILTERED]"}}
Unpermitted parameter: session

My controller:

class ProfilesController < ApplicationController
  before_action :set_profile, only: [:show, :update]

  # GET /profiles/1
  def show
    render json: @profile
  end

  # POST /profiles
  def create
    @profile = Profile.new(profile_params)

    if @profile.save
      render json: @profile, status: :created, location: @profile
    else
      render json: @profile.errors, status: :unprocessable_entity
    end
  end

  # PATCH/PUT /profiles/1
  def update
    if @profile.update(profile_params)
      render json: @profile
    else
      render json: @profile.errors, status: :unprocessable_entity
    end
  end


  private
    # Use callbacks to share common setup or constraints between actions.
    def set_profile
      if current_user
        @profile = Profile.find_by_user_id(current_user.id)
      else
        @profile = {}
      end
    end

    # Only allow a trusted parameter "white list" through.
    def profile_params
      params.require(:profile).permit(:session, :first_name, :last_name, :phone, :summary, :industry, :location)
    end
end
@gbrl gbrl changed the title My session being blocked, devise config doesn't solve it. ("Unpermitted parameter: session") The session param is blocked, devise config doesn't solve it. ("Unpermitted parameter: session") Sep 28, 2016
@neroniaky
Copy link
Owner

I think this is related to #28.

@neroniaky
Copy link
Owner

@gbrl could you try if the problem still persists with the latest v0.2.0-beta.4?

@saruuls
Copy link

saruuls commented Nov 30, 2016

The solution is here!
lynndylanhurley/devise_token_auth#130

@neroniaky
Copy link
Owner

Thanks @saruuls !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants