Rails 5 model objects not showing all Devise attributes

Question

I am using Rails 5 API with devise. I have a User model. Schema looks like this.

create_table "users", force: :cascade do |t|
    t.string   "email",                  default: "", null: false
    t.string   "encrypted_password",     default: "", null: false
    t.string   "reset_password_token"
    t.datetime "reset_password_sent_at"
    t.datetime "remember_created_at"
    t.integer  "sign_in_count",          default: 0,  null: false
    t.datetime "current_sign_in_at"
    t.datetime "last_sign_in_at"
    t.inet     "current_sign_in_ip"
    t.inet     "last_sign_in_ip"
    t.datetime "created_at",                          null: false
    t.datetime "updated_at",                          null: false
    t.index ["email"], name: "index_users_on_email", unique: true, using: :btree
    t.index ["reset_password_token"], name: "index_users_on_reset_password_token",    unique: true, using: :btree
  end

But the issue I am having is Rails only showing :id , :email , :created_at , :updated_at attributes as part of model. For example, in rails console

 User.new
 => #<User id: nil, email: "", created_at: nil, updated_at: nil> 

 User.first
  User Load (0.5ms)  SELECT  "users".* FROM "users" ORDER BY "users"."id" ASC LIMIT $1  [["LIMIT", 1]]
 => #<User id: 2, email: "your@email.com", created_at: "2016-09-22 03:58:04", updated_at: "2016-09-22 04:54:41">

But these attributes exist in database.This problem is mentioned earlier . Devise with rails 5 . But no answers there .Please help.

`User.first.to_json` – Deepak Mahakale Sep 22 '16 at 07:34 — Deepak Mahakale, Sep 22 '16 at 07:34

score 12 · Accepted Answer · edited Sep 22 '16 at 08:44

12

Devise restricts attributes like encrypted_password so that the critical information doesn't get exposed in API calls. So to override this, you need to override serializable_hash method.

def serializable_hash(options = nil) 
  super(options).merge(encrypted_password: encrypted_password) 
end

This is not a Rails 5 specific feature but a Devise feature to protect your attributes.

Hope that helps!

edited Sep 22 '16 at 08:44

siegy22

4,295
3
25
43

answered Sep 22 '16 at 07:53

Rajdeep Singh

17,621
6
53
78

Yes. Thats what I was looking for. This didnt happen in earlier Rails 4.2 projects built with devise. Not sure why ? – narym Sep 22 '16 at 08:02
1

I am not sure but Devise used to do this in Rails 3, but this is interesting. I will look into it. – Rajdeep Singh Sep 22 '16 at 08:04
1

I just checked in some of my earlier Rails 4 projects , all attributes are shown there. Devise 3.5.5. – narym Sep 22 '16 at 08:08
1

Why not just use `.attributes` instead of overriding devise methods? – siegy22 Sep 22 '16 at 08:30

score 10 · Answer 2 · answered Sep 22 '16 at 07:39

This is probably because devise does not expose their internal attributes.

So to get all attributes you can use .attributes (documented here) which returns a hash, on which you can call to_json:

user = User.find(1)
user.attributes.to_json # => contains all fields like reset_password_token etc.

score 5 · Answer 3 · answered Sep 22 '16 at 07:24

5

Try attributes method

User.first.attributes

answered Sep 22 '16 at 07:24

Bartłomiej Gładys

4,525
1
14
24

That gives all the attributes. But why only some attributes are appearing for User.first . For example , @user.to_json doesnt add all attributes. Thus messing up devise gem's json responses. – narym Sep 22 '16 at 07:29
try `@user.attributes.to_json` – Bartłomiej Gładys Sep 22 '16 at 07:35
Hey Bartek, I can get the attributes this way. But my question is , why doesnt `User.first` show all attributes. ? – narym Sep 22 '16 at 07:42
I think devise protect against something data lake. – Bartłomiej Gładys Sep 22 '16 at 07:44

Rails 5 model objects not showing all Devise attributes

3 Answers3

Linked