Create user in Active Admin

Question

I am trying to create users using active admin. I am following along the authentication from scratch railscast to do so. Currently I have set up the resource with the following command:

rails g resource user name:string username:string password_digest:string

Then my user model looks like this:

class User < ActiveRecord::Base
  has_secure_password
  attr_accessible :name, :password, :username

  validates_uniqueness_of :name
  validates_uniqueness_of :username
end

Following along word for word with the railscast for the most part. I then added an active admin resource with the following code:

rails g active_admin:resource user

And my active admin model for user looks like this:

ActiveAdmin.register User do
  index do
    # column "number", :id
    column :name
    column :username
    column :password
    default_actions
  end

  show do
    attributes_table do
      row :name
      row :username
      row :password
    end
  end
end

When I go to create a user I get the following error message:

Can't mass-assign protected attributes: password_digest

I know has_secure_password and bcrypt-ruby change the password for you etc. But I am getting this error.

How can I create a valid user using active admin here?

Answer 1

I'm not sure of the details of the railscast you're referring to, but a common method for storing passwords is to store an encrypted digest rather than the actual password so that someone accessing your database won't have the actual passwords of your users. The password isn't actually saved. Here's one way that can work:

# models/user.rb

def password= new_password
  self.password_digest = ::BCrypt::Password.create(new_password,cost:10).to_s
end

This way, the password_digest is being set before validations so it will pass.