Home/ Questions/Q 7618801
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-31T03:29:55+00:00

i am using the Sorcery gem for authentication. I’ve actually used it an another

  • 0

i am using the Sorcery gem for authentication. I’ve actually used it an another project without any problems, but i suddenly have a weird situation. My model is the originally generated sorcery User model, without any attr_accessible.

Now, i have a seeds file like :

users = {

:hthought => {
  :username => 'jkjhkj',
  :email => 'hkjhk',
  :crypted_password => 'hkjhjkhk',
  :salt => 'hkjhjkhjh',
  :password => '57667'
}

}

users.each do |item, hash|  
    user = User.new(hash)
    user.save!
    hash.each do |attribute, value| 
        user.update_attribute(attribute, value)
    end
end

Which when i execute(with rake db:seed), i get :

rake aborted!
Can't mass-assign protected attributes: crypted_password, salt

Why is that ? I really don’t understand why i get this, since there is no attr_accessible in my User model. Moreover, i use the exact same code in another project and i never got this.

Any ideas why ?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    If you see the sorcery code ( https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model.rb#L82 ), you can see that :

    attr_protected @sorcery_config.crypted_password_attribute_name, @sorcery_config.salt_attribute_name

    So it’s normal to have this protected warning.

    It was adding in this commit : https://github.com/NoamB/sorcery/commit/7c2e846bf5c084bea72eb6477e72daf0177d789e one year ago.

    • 0