How to get password from database using devise

Hi all

I'm using rails 3.2.1 + devise 2.0.4

My problem is that in my website only : Admin will create new users no
direct registration for users. Now when Admin create new_user
confirmation mail will be send to the user email id. The content of the
mail is

    user_name
    user_password

But the password come in encrypted format.

How I'll get password in readable form.

Hi all

I'm using rails 3.2.1 + devise 2.0.4

My problem is that in my website only : Admin will create new users no
direct registration for users.

The way that I handle this in my applications is to use Devise Invitable, and then restrict the invitation privilege to admins. You don't get to know the password, because the user sets it herself when she accepts the invitation. But everything else just works. Since you aren't using registerable, you will need to provide your own "Update my Profile" method in a controller if you want to allow the user to update his profile, but that's covered in the Wiki.

Walter

Why do you want the password in “readable” form? That goes against the most basic point of even having a password…

Hi all

I'm using rails 3.2.1 + devise 2.0.4

My problem is that in my website only : Admin will create new users no
direct registration for users. Now when Admin create new_user
confirmation mail will be send to the user email id. The content of the
mail is

user_name
user_password

But the password come in encrypted format.

How is the initial pwd being setup? If the admin is providing a
password then put that in the email.

Colin

He disallows users to register. So only admin can create a user
account, so he wants the system to send a message to the user that his
account was created with such and such login and pass.

Why do you want the password in “readable” form? That goes against

the most basic point of even having a password…

He disallows users to register. So only admin can create a user

account, so he wants the system to send a message to the user that his

account was created with such and such login and pass.

I understand the use case, but still doesn’t make sense to store the password in plain text in the database. It’s actually even more pointless if all the users are admins… then they call all just see each others’ passwords. And it gives the illusion of security, when in actuality it’s one params vulnerability away from giving all-encompassing access to any hacker that wants it

Tyler wrote in post #1065431: