Rails Devise email only registration - confirmation with password and names

Question

I set the Devise to allow an email only registration process that sends an email with a link to confirm account by setting password. I would like to set the firstname and lastname at the same time than password setup (and account confirmation) but I don't know how to do.

Here is my confirmation controller (working), Crafter being my standard User. I tried Crafter.update_attributes(params[:crafter]) with no luck. Any help would be wonderful. TY.

  def update
    with_unconfirmed_confirmable do
      if @confirmable.has_no_password?
        @confirmable.attempt_set_password(params[:crafter])
        if @confirmable.valid?
                    @confirmable.update_attributes(params[:crafter])
          do_confirm
        else
          do_show
          @confirmable.errors.clear #so that we wont render :new
        end
      else
        self.class.add_error_on(self, :email, :password_allready_set)
      end
    end

    if !@confirmable.errors.empty?
      render 'devise/confirmations/new' #Change this if you don't have the views on default path
    end
  end

  def do_show
    @confirmation_token = params[:confirmation_token]
    @requires_password = true
    self.resource = @confirmable
    render 'devise/confirmations/show' #Change this if you don't have the views on default path
  end

  def do_confirm
    @confirmable.confirm!
    set_flash_message :notice, :confirmed
    sign_in_and_redirect(resource_name, @confirmable)
  end

And my "confirm account" form :

<%= form_for resource, :as => resource_name, :url => update_user_confirmation_path, :html => {:method => 'patch', class: "form-horizontal", role: "form"}, :id => 'activation-form' do |f| %>

<%= f.text_field :firstname, autofocus: true, placeholder: "Firstname", class: "form-control" %>
<%= f.text_field :lastname, placeholder: "Lastname", class: "form-control" %>
<% if @requires_password %>
<%= f.password_field :password, autofocus: true, placeholder: "Choose A Password", class: "form-control" %>
<%= f.password_field :password_confirmation, placeholder: "Confirm Password", class: "form-control" %>  
<% end %>
<%= hidden_field_tag :confirmation_token,@confirmation_token %>

Answer 1

It's hard to tell but I'd guess you're not getting the firstname , lastname params passed to the controller.

Rails 4 uses something called strong parameters ; the README there has lots of good info if you want to go beyond my example below.

In your ApplicationController you need to allow for additional params, add these lines:

app/controllers/application_controller.rb

  before_filter :configure_permitted_parameters, if: :devise_controller?

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:account_update) do |u|
      u.permit(:firstname, :lastname, :email, :current_password, :password, :password_confirmation)
    end
  end

That should fix things.
In your CrafterController you could do something like this:

@confirmable.update_with_password(account_update_params)

Just do be a bit cleaner