Sign in via phone number doesn't seem to work correctly

[sarovin]

Then I change the form to pass "telephone" and "password" to the server and I get Status 403 Forbidden.

Processing by DeviseTokenAuth::RegistrationsController#create as JSON
  Parameters: {"telephone"=>"1234567899", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "confirm_success_url"=>"http://localhost:3000/"}
Unpermitted parameters: confirm_success_url, format
Unpermitted parameters: confirm_success_url, format
Unpermitted parameters: confirm_success_url, format
   (0.1ms)  begin transaction
   (0.3ms)  SELECT COUNT(*) FROM "users" WHERE "users"."provider" = ? AND "users"."email" IS NULL  [["provider", "email"]]
   (0.1ms)  rollback transaction
Completed 403 Forbidden in 170ms (Views: 0.6ms | ActiveRecord: 1.1ms)

i have follow this how to ==> https://github.com/plataformatec/devise/wiki/How-To:-Allow-users-to-sign-in-with-something-other-than-their-email-address

The JSON response is:

"errors":{"email":["can't be blank","is not an email"],"full_messages":["Email can't be blank","Email is not an email"]}

My user.rb:

class User < ActiveRecord::Base

  devise :database_authenticatable, :registerable,
    :recoverable, :rememberable, :trackable, :validatable,
    :confirmable, :omniauthable, :authentication_keys => [:telephone]

  include DeviseTokenAuth::Concerns::User

  def email_required?
    false
  end

  def email_changed?
    false
  end
end

My application_controller:

class ApplicationController < ActionController::API
  include DeviseTokenAuth::Concerns::SetUserByToken
  respond_to :json
  before_action :ensure_json_request  
  before_action :configure_permitted_parameters, if: :devise_controller?

  def ensure_json_request  
    return if request.format == :json
    render :nothing => true, :status => 406  
  end

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_in)        << :telephone
    devise_parameter_sanitizer.for(:sign_up)        << :telephone
    devise_parameter_sanitizer.for(:account_update) << :telephone
  end
end

[campo]

Just some information and a +1 for improving functionality for signing in with something other than email (or improving information/examples about doing so).

My app is set up to login using username (because I don't want to require use of an email address on my app) and I encounter this problem as well.

I haven't dug into it too deeply yet but I have been able to get sign in via POST request to work with username and password, but the User object does need to have a valid email address attribute. User objects also don't save from console without a valid email. I expect this is happening because there's a validation happening with devise_token_auth somewhere that I haven't tracked down yet. My sign in via POST request returns all the headers expected, and sets the uid to be the value of the email attribute on the User object.

[danielneis]

Hello,

it seems that the plugin does not handle multiple authentication_keys correctly.
I need to a second field other than email and had to make some changes.
It may be of your interest:
#949

[codeundercoverdev]

Has anyone figured this out?

[ceoooooo]

I got a login via phone number

ActiveRecord::RecordInvalid (Validation failed: Uid can't be blank)
there was a problem with validating the uid that it is empty

My User.rb

class User < ActiveRecord::Base
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable,
         authentication_keys: [:phone]

  before_validation do
    self.uid = phone if uid.blank?
  end
  .....

My migrate devise

      t.string :provider, :null => false, :default => "phone"
      t.string :uid, :null => false, :default => ""

My application_controller.rb

def provider
  super
  'phone'
end

I solved the problem and everything works as it should, I think so 💰😊
can be fixed if something is wrong 💎

[apuntovanini]

@ceo-ooo-ooo it works! Nice! Thank you!