Rails4 StrongParameters with Devise and multiple resources

2013-03-27

First of all, we override the controllers where we need to explicitly authorize params, in this case PasswordsController and RegistrationsController should accept email, password and password_confirmation by default:

# app/controllers/custom_devise/password_controller.rb

class CustomDevise::PasswordsController < Devise::PasswordsController
  def resource_params
    params.require(resource_name).permit(:email, :password, :password_confirmation)
  end
  private :resource_params
end

# app/controllers/custom_devise/registrations_controller.rb

class CustomDevise::RegistrationsController < Devise::RegistrationsController
  def resource_params
    params.require(resource_name).permit(:name, :email, :password, :password_confirmation)
  end
  private :resource_params
end

Then, we need to tell Devise to use these controllers instead of the default ones:

# config/routes.rb

devise_for :users, controllers: {
  registrations: "custom_devise/registrations",
  passwords: "custom_devise/passwords"
}

devise_for :admins, controllers: {
  registrations: "custom_devise/registrations",
  passwords: "custom_devise/passwords"
}

enjoy :-)