ruby on rails - Why signing in doesn't work? -

when i'm trying sign in actual user information who's in database, error's being rendered "invalid email/password confirmation.", it's not supposed.

why that?

controllers/sessions_controller.rb

class sessionscontroller < applicationcontroller   def new   end    def create     user = user.authenticate(params[:session][:email], params[:session][:password])      if user.nil?       flash.now[:error] = "invalid email/password confirmation."       render :new     else       sign_in user       redirect_to user     end   end     def destroy     sign_out     redirect_to signin_path   end end 

app/views/sessions/new.html

<h1>sign in</h1>      <% if flash[:error] %>        <p><%= flash[:error] %></p>     <% end %>      <%= simple_form_for(:session, url: sessions_path) |f| %>        <%= f.input :email %>        <%= f.input :password%>        <%= f.button :submit %>      <% end %>      <p>new user? <%= link_to "sign now!", signup_path %></p> 

app/helpers/sessions_helper.rb

module sessionshelper    def sign_in(user)     session[:user_id] = user.id     self.current_user = user   end    def current_user=(user)     @current_user = user   end    def current_user     if session[:user_id]     @current_user ||= user.find(session[:user_id])     end   end    def signed_in?     !current_user.nil?   end    def sign_out     session[:user_id] = nil     self.current_user = nil   end    def current_user?(user)     user == current_user   end    def deny_access     redirect_to signin_path, notice: "please sign in access page."   end  end 

models/user.rb

class user < activerecord::base  has_many :tasks    attr_accessor :password, :salt, :encrypted_password   email_regex = /\a[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i   validates :first_name, presence: true,             length: {maximum: 20}   validates :last_name,  presence: true,             length: {maximum: 40}   validates :email, presence: true,             format: {with: email_regex},             uniqueness:  {case_sensitive: false}   validates :password, presence: true,             confirmation: true,             length: {within: 6..40}    before_save :encrypt_password    def has_password?(submitted_password)     encrypted_password == encrypt(submitted_password)   end    def self.authenticate(email, submitted_password)     user = find_by_email(email)      return nil if user.nil?     return user if user.has_password?(submitted_password)   end    private     def encrypt_password       self.salt = digest::sha2.hexdigest("#{time.now.utc}--#{password}")        self.encrypted_password = encrypt(password)     end      def encrypt(pass)       digest::sha2.hexdigest("#{self.salt}--#{pass}")     end    end 

can help?

from code, see there confirmation :true password don't have password_confirmation field in form. try including it

<%= f.input :password_confirmation %>

and include attr_accessor in user model.

if don't want confirmation field password, remove confirmation: true password in validations.

validates :password, presence: true, length: {within: 6..40}