ruby on rails - Undefined Method attr_accessible

Question

I am somewhat new to rails and I am trying to create a User login. I went through the tutorial found here. At the end it had me add "attr_accessible" for mass assignment. However when I did that I got the following error:

undefined method `attr_accessible' for #<Class:0x007ff70f276010>

I saw on this post that I neeed < ActiveRecord::Base. But I do have that included. Here is the code for my User Model:

class User < ActiveRecord::Base

  attr_accessor :password
  EMAIL_REGEX = /A[A-Z0-9._%+-]+@[A-Z0-9.-]+.[A-Z]{2,4}z/i
  validates :username, :presence => true, :uniqueness => true, :length => { :in => 3..20 }
  validates :email, :presence => true, :uniqueness => true, :format => EMAIL_REGEX
  validates :password, :confirmation => true #password_confirmation attr
  validates_length_of :password, :in => 6..20, :on => :create
  before_save :encrypt_password
  after_save :clear_password
  attr_accessible :username, :email, :password, :password_confirmation

  def encrypt_password
    if password.present?
      self.salt = BCrypt::Engine.generate_salt
      self.encrypted_password= BCrypt::Engine.hash_secret(password, salt)
    end
  end

  def clear_password
    self.password = nil
  end

end

Any other ideas on what could be causing this problem would be really appreciated, thanks!

Edit: On Rails 4.1. Looks like it doesn't apply anymore. Thanks fotanus

Answer 1

No mass assignment allowed for Rails 4.1

instead of having attr_accessible :username, :email, :password, :password_confirmation in your model, use strong parameters. You'll do this in your UsersController:

    def user_params
      params.require(:user).permit(:username, :email, :password, :password_confirmation)
    end

then call the user_params method in your controller actions.