Friday, November 22, 2013

Upgrading EileensNotes to Rails 4 + DEVISE

My personal project, EileensNotes, has been running on Rails 3 + Ruby 1.9.3 (with Nginx and Passenger) with no issues since its launch.

Recently, I started to study all new great features introduced in Ruby on Rails 4 and decided to upgrade EileensNotes to the new version as well.   So, here I'd like to share with you on what I have done when upgrading to Rails 4.

This is one of series that I will continue to post, so please feel free to ask any questions related to Rails 4 upgrade.  I updated my gem file to ensure that all of my gems support Rails 4.0.0.


DEVISE - one of my core user account management gem


To simply test if my "user login" works ok on Rails 4, I performed the following basic tests manually on my test platform.

  1. Create a new user
  2. Reset my password
  3. Update my account


Before I tested "creating a new user by using SIGN UP," this was the first thing I had to add to application.rb in controller directory.  Take a look at your user model carefully that you created for DEVISE, and you need to update the following protected procedure accordingly.


before_action :configure_permitted_parameters, if: :devise_controller?



protected

# updated to support Rails 4
# secure parameters and permit only these parameters from form for DEVISE

def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:email, :password, :remember_me) }
    devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation) }
    devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:email, :name, :password, :password_confirmation, :current_password) }
end


Ok. After my updating application.rb, the "Sign Up" worked and I had to confirm if my email address was valid.  Since I did not use any local "smtp" or "email emulator" in my development platform, I simply opened a development.log file to search for the body of confirmation email.  I had set up my mailer for DEVISE so that it sent an email having the confirmation token.

I simply copied the confirmation token (URL) and pasted it in my web browser to validate user email address.  This was supposed to simply work, but there was an error so my email couldn't be validated.
There is one change DEVISE made in its new version for Rails 4, and this was what I had to change accordingly to make it work.

There were three places where this change needed to be applied, and they were all in "mailer" for DEVISE.  So, simply search for these three url commands in DEVISE mailer directory and change yours accordingly with bold faced variable name.

confirmation_url(@resource, :confirmation_token => @token) %>
unlock_url(@resource, :unlock_token => @token
edit_password_url(@resource, :reset_password_token => @token)


Now, the URL with a confirmation token should work.
So, I manually deleted a new user from my user table and signed up again.  This time, it looked like the confirmation token URL looked slightly different with a shorter format.
The validation worked with no issue after applying those changes mentioned above.

To ensure @token was the right variable, I performed the following two more tests manually.

  • Resetting a password
  • Updating my password
  • Updating my user account

So far, all sign up/sign in/edit account/reset password worked with no issue.
I was able to log in to EileensNotes test platform and could continue to test rest pieces inside the application.

DEVISE was my main core "user management" gem I chose without any hesitation as it was being widely used in Rails community, and I was always able to get updates from GitHub for changes and additional document.

But, recently, I had chance to read a new book called "Learning Devise for Rails" published by PACKT and I think this is a great extra resource to all Rails developers who currently use/or will use a DEVISE.

Having a set of core Rails books beside you always will make you feel secured.


This is my first series of "Upgrading to Rails 4" and I hope that I helped someone with this blog today.












No comments: