Search code examples
ruby-on-railsomniauthruby-on-rails-4.2omniauth-twitter

Validation failed: Password can't be blank

I have an app, build on Rails 4.2 and tried to do twitter authentication, using RailsCasts #241 Simple OmniAuth.
But have this issue: Validation failed: Password can't be blank!
I searched answer everywhere, but did not find the solution!

user.rb

class User < ActiveRecord::Base

    has_secure_password
    validates :password, length: { minimum: 6 }, allow_blank: true
    def self.create_with_omniauth(auth)
        create! do |user|
            user.provider = auth.provider
            user.uid = auth.uid
            user.name = auth.info.name
        end
    end
end

sessions_controller.rb 

class SessionsController < ApplicationController
   def login
   end

   def create
       @user = User.find_by_email(params[:email])
       if @user && @user.authenticate(params[:password])
           session[:user_id] = @user.id
           redirect_to root_path
       else
           redirect_to :back
       end
   end

   def create_session
       auth = request.env['omniauth.auth']
       user = User.find_by_provider_and_uid(auth['provider'], auth['uid'])    || User.create_with_omniauth(auth)
       session[:user_id] = user.id
       redirect_to root_url, notice: 'Signed in!'
   end

   def logout
       reset_session
       redirect_to root_path
   end
end

routes.rb 

  get 'sessions/login'
  get 'sessions/logout'
  post 'sessions' => 'sessions#create'

  get '/auth/:provider/callback' => 'sessions#create_session'
  post '/auth/:provider/callback' => 'sessions#create_session'

  get 'registration' => 'users#new', as: 'registration'

Solution
After editing user.rb model looks like:

class User < ActiveRecord::Base

    has_secure_password
    validates :password, length: { minimum: 6 }
    require 'securerandom'
    def self.create_with_omniauth(auth)
       create! do |user|
          user.provider = auth.provider
          user.uid = auth.uid
          user.name = auth.info.name
          user.password = SecureRandom.urlsafe_base64
       end
    end
end
Solution

  • An alternative approach is to enter a random password on user creation. For example as shown in the omniauth-google-oauth2 readme. So you could alter your code to this:

    require 'securerandom'
def self.create_with_omniauth(auth)
    create! do |user|
        user.provider = auth.provider
        user.uid = auth.uid
        user.name = auth.info.name
        user.password = SecureRandom.urlsafe_base64
    end
end