Open misham opened 6 years ago
I just started a new project using 0.1.42 with config.check_current_password_before_update = :password
without issue. Everything was out of the generator except no confirmable or omniauthable.
@misham does @nicholasshirley 's workaround/solution work for you?
No, but adding some custom code that does the same flow as what's in master fixed it.
Do you have an estimate for when the next version will drop?
I don't, that's up to @lynndylanhurley .
@misham I hit this as soon as I overrode the passwords controller. How did you end up persisting allow_password_change
?
@nicholasshirley I adopted this solution to my needs: https://github.com/lynndylanhurley/devise_token_auth/issues/604#issuecomment-306018813
Basically, same flow as what's in master, but with slightly different names. Added a column to the User model and used a similar PasswordsController as described in the linked comment.
Summary:
Version: 0.1.42
If
check_current_password_before_update
is set to:password
, user password cannot be updated.render_update_error
is called (https://github.com/lynndylanhurley/devise_token_auth/blob/master/app/controllers/devise_token_auth/passwords_controller.rb#L121) instead of updating.I was able to trace the execution to verify that
@resource.allow_password_change = true;
is never set (https://github.com/lynndylanhurley/devise_token_auth/blob/master/app/controllers/devise_token_auth/passwords_controller.rb#L81)I was able to solve this by commenting out
check_current_password_before_update
line. While is unblocks me for now, I need to have the user provide their current password to update their password.Looks like this was address in this (merged) PR: https://github.com/lynndylanhurley/devise_token_auth/commit/db8d69418b410ed13a0f4e1b46ab672d6ffabbc2#diff-a8896c96c8847a9cc2fe37d3c448849c
However it did not make it into 0.1.42 for some reason?
Or am I doing something wrong here?