How to verify a user's password in Devise
I think this is a better, and more elegant way of doing it:
user = User.find_by_email(params[:user][:email])user.valid_password?(params[:user][:password])
The other method where you generate the digest from the user instance was giving me protected method errors.
Use Devise Methods
Devise provides you with built-in methods to verify a user's password:
user = User.find_for_authentication(email: params[:user][:email])user.valid_password?(params[:user][:password])
For Rails 4+ with Strong Params, you can do something like this:
def login user = User.find_for_authentication(email: login_params[:email]) if user.valid_password?(login_params[:password]) user.remember_me = login_params[:remember_me] sign_in_and_redirect(user, event: :authentication) endendprivatedef login_params params.require(:user).permit(:email, :password, :remember_me)end
I think the better one will be this
valid_password = User.find_by_email(params[:user][:email]).valid_password?(params[:user][:password])