This line? Devise Parameter Sanitizer

Hi, wondering if someone could help me understand this line from api/v1/users_controller.rb

    user = User.new(devise_parameter_sanitizer.sanitize(:sign_up))

I think I get the basic idea (we're "sanitizing" any params sent to Devise. But I'm not sure about the :sign_up bit. Unless we're assuming the client might include a "sign_up" key in its payload? Thanks!

Devise has several lists of allowed parameters for different actions. Each one may be slightly different, so they opted to give it a name to differentiate between them. That's what :sign_up stands for.

Thanks!

Follow-up: I'd like to also require a phone number at signup. Is there a config where I can add "phone" to the :signup list of allowed parameters?

Add it in ApplicationController. The Devise docs can walk you through it if you need more details. 👍

I have a related problem: I used curl to test sign up from the api with the jumpstart pro template, but can't get it to work.

I'm getting back:
{"errors":{"email":["can't be blank"],"password":["can't be blank"],"terms_of_service":["can't be blank"],"name":["can't be blank"]}}

But from the rails log it seems these are passed in:
Started POST "/api/v1/users" for ::1 at 2020-08-04 14:23:27 +0300

14:23:27 web.1     | Processing by Api::V1::UsersController#create as JSON

14:23:27 web.1     |   Parameters: {"email"=>"[FILTERED]", "password"=>"[FILTERED]", "name"=>"[FILTERED]"}

14:23:27 web.1     | params:

14:23:27 web.1     | {"email"=>"xxxx", "password"=>"123456", "name"=>"xxxxx", "format"=>:json, "controller"=>"api/v1/users", "action"=>"create"}

I checked and the call to devise_parameter_sanitizer.sanitize(:sign_up) returns {}.

Any idea what I'm doing wrong?

Never mind. I should have put user: in the params like so:
{"user": {"email"=>"xxxx", "password"=>"123456", "name"=>"xxxxx", "format"=>:json}}