how to hide info that email is already registered with devise rails

Time:08-24

I have set confirmable in my Devise user model, but when I try to register an email that is already registered, I get an error that the email is registered or waiting for confirmation.

This is correct but for security reasons I want to always show something like "confirmation email has been sent to email address" so nobody can figure out which emails are already registered in the app.

Is this somewhere in devise config? Or do I have to manually modify registration controller to not throw any error if email exists in db?

CodePudding user response:

The best way is to manually modify the registration controller (https://github.com/heartcombo/devise#configuring-controllers); you can rescue the error and change the flash message.

CodePudding user response:

I borrowed has_duplicate_email? from this post, checked the Devise source code, and then modified create in the registration controller and routes to use it. I hope it helps somebody.

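# app/controllers/users/registrations_controller.rb
class Users::RegistrationsController < Devise::RegistrationsController
  def create
    # Devise yields the resource after the save attempt and before it
    # renders or redirects, so the block can take over the response.
    super do |resource|
      if has_duplicate_email?
        # Show the same notice a new, unconfirmed sign-up gets.
        set_flash_message! :notice, :"signed_up_but_#{resource.inactive_message}"
        expire_data_after_sign_in!
        redirect_to root_path and return
      end
    end
  end

  private

  # True when the email uniqueness validation failed (error type :taken).
  def has_duplicate_email?
    return false unless resource.errors.has_key?(:email)
    resource.errors.details[:email].any? do |hash|
      hash[:error] == :taken
    end
  end
end

# config/routes.rb
devise_for :users, :controllers => {:registrations => "users/registrations"}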
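
An added example in plain Ruby (not part of either answer and not Devise code): it models the response decision on a hash shaped like ActiveModel's `errors.details` and returns the generic "confirmation sent" outcome only when `:taken` on `:email` is the sole error, so a registered and an unregistered address get the same response even when another field is invalid. All method and constant names are hypothetical, and the inputs are constructed.

```ruby
# Input shape follows ActiveModel::Errors#details, e.g.
#   { email: [{ error: :taken }], password: [{ error: :too_short, count: 6 }] }
# Names below are hypothetical helpers, not Devise API.

GENERIC_NOTICE = :confirmation_sent # same outcome for new and registered emails

# Drop only the :taken entries on :email; keep every other error untouched.
def without_taken(details)
  details.each_with_object({}) do |(attr, errs), out|
    kept = attr == :email ? errs.reject { |e| e[:error] == :taken } : errs
    out[attr] = kept unless kept.empty?
  end
end

# Stricter decision: generic notice only if nothing but :taken went wrong.
# Returns [:notice, GENERIC_NOTICE] or [:form, errors_safe_to_display].
def signup_outcome(details)
  visible = without_taken(details)
  visible.empty? ? [:notice, GENERIC_NOTICE] : [:form, visible]
end

# Model of the check in the answer above, for comparison: any :taken on
# :email produces the notice, whatever else failed validation.
def answer_outcome(details)
  taken = details.fetch(:email, []).any? { |e| e[:error] == :taken }
  return [:notice, GENERIC_NOTICE] if taken || details.empty?
  [:form, details]
end

# Constructed inputs: identical too-short password, email registered or not.
SHORT_PW   = { password: [{ error: :too_short, count: 6 }] }.freeze
REGISTERED = { email: [{ error: :taken }] }.merge(SHORT_PW).freeze
UNKNOWN    = SHORT_PW

if __FILE__ == $PROGRAM_NAME
  puts "answer check, same response: #{answer_outcome(REGISTERED) == answer_outcome(UNKNOWN)}"
  puts "strict check, same response: #{signup_outcome(REGISTERED) == signup_outcome(UNKNOWN)}"
end
```

In a controller, the `:form` branch would re-render the sign-up form with only the returned errors, so the `:taken` message never reaches the page.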