I want to let user update user account info without password, unless he/she wants to change password. By default, devise requires the user to enter current password when user wants to change any field in the devise user model.

Version of Ruby, Rails and Devise:

• ruby-2.4.0
• rails-5.1.4
• devise-4.3.0

Solution

Create your registration controller in app/controllers/registrations_controller.rb

class RegistrationsController < Devise::RegistrationsController

  protected

  def update_resource(resource, params)
    # Require current password if user is trying to change password.
    return super if params["password"]&.present?

    # Allows user to update registration information without password.
    resource.update_without_password(params.except("current_password"))
  end
end

Tell Devise that you use your registrations controller defined in app/controllers/registrations_controller.rb.

# config/routes.rb
devise_for :users, controllers: { registrations: "registrations" }

Resources

• stackoverflow.com/questions/23067299/devise..
• github.com/plataformatec/devise/wiki/How-To..