I get this error
ActiveModel::MassAssignmentSecurity::Error in SessionsController#create
Can't mass-assign protected attributes: created_at, updated_at
I think I can add some codes to solve this problem.
class User < ActiveRecord::Base
attr_accessible :email, :nickname, :authentications_attributes, :created_at, :updated_at
Why Omniauth changes the created_at and updated_at? In addition to add "attr_accessible :created_at, :updated_at", there are other ways?
This is my models/user.rb
class User < ActiveRecord::Base
attr_accessible :email, :nickname, :authentications_attributes, :created_at, :updated_at
validates :nickname, :presence => true
validates :email, :presence => true, :uniqueness => true
has_many :authentications
accepts_nested_attributes_for :authentications
class << self
def from_auth(auth)
Authentication.find_by_provider_and_uid(auth[:provider],
auth[:uid]).try(:user) ||
create!(
:nickname => auth[:info][:nickname],
:email => auth[:info][:email],
:authentications_attributes => [
Authentication.new(:provider => auth[:provider],
:uid => auth[:uid]
).attributes
])
end
end
end
This is my models/identity.rb
class Identity < OmniAuth::Identity::Models::ActiveRecord
attr_accessible :nickname, :email, :password, :password_confirmation, :authentications_attributes
validates_presence_of :nickname, :email
validates_uniqueness_of :nickname, :email
validates_format_of :email, :with => /^[-a-z0-9_+\.]+\@([-a-z0-9]+\.)+[a-z0-9]{2,4}$/i
end
This is my models/authentication.rb
class Authentication < ActiveRecord::Base
attr_accessible :user_id, :provider, :uid, :authentications_attributes, :created_at, :updated_at
validates :provider, :presence => true, :uniqueness => {:scope => :user_id}
validates :uid, :presence => true, :uniqueness => {:scope => :provider}
belongs_to :user
end
This is my controllers/sessions_controller.rb
class SessionsController < ApplicationController
def create
user = User.from_auth(request.env['omniauth.auth'])
session[:user_id] = user.id
flash[:notice] = "Welcome #{user.nickname}"
redirect_to root_path
end
end
Thanks for your thoughts and pointers.
The problem is this bit of code:
Authentication.new(:provider => auth[:provider],
:uid => auth[:uid]
).attributes
This will return the full set of attributes, including the created_at and updated_at dates, which you're then passing to create, so mass assigning.
You could create the user, then build the attributes like so:
authentication = Authentication.find_by_provider_and_uid(auth[:provider],
auth[:uid]).try(:user)
unless authentication
user = create!(
:nickname => auth[:info][:nickname],
:email => auth[:info][:email])
user.authentications.build(:provider => auth[:provider])
end