I am writing an API-only Rails 5 application and using the devise-jwt (and devise) gem for user authentication. I am trying to configure strong parameters in my custom registrations_controller. In application_controller.rb:
before_action :configure_permitted_parameters, if: :devise_controller?
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:first_name, :last_name, :username, :email])
end
And in registrations_controller.rb:
def create
build_resource(sign_up_params)
resource.save
#json response defined in application_controller.rb
render_resource(resource)
end
This is the console's output when I make a POST request to the API via Postman:
Parameters: {"first_name"=>"john", "last_name"=>"stones", "username"=>"johnstones", "email"=>"john@stones.com"}
And this is the output from printing params to the console:
<ActionController::Parameters {"first_name"=>"john", "last_name"=>"stones", "username"=>"johnstones", "email"=>"john@stones.com", "controller"=>"registrations", "action"=>"create"} permitted: false>
Despite the above when I do devise_parameter_sanitizer.sanitize(:sign_up) I get an empty hash and my aforementioned POST throws the validation errors I set for having blank fields. Please help me figure out what I'm missing, thank you.
(Rails 5.2/Devise 4.2)
Param user is missing in your params hash:
{"user": {"first_name"=>"john", "last_name"=>"stones", "username"=>"johnstones", "email"=>"john@stones.com"} }