I did something different:

In the users_controllers.rb

def edit
  @user = User.find(params[:id])
  params[:action] = :edit
end
def update
  @user = User.find(params[:id])    
  if @user.authenticate(params:user)    
    params[:user].delete :current_password      
    respond_to do |format|      
      if @user.update_attributes(params[:user])
        format.html { redirect_to users_url, notice: "User #{@user.name} was successfully updated." }
        format.json { head :ok }
      else
        format.html { render action: "edit" }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end      
  else
    redirect_to edit_user_path(@user), notice: 'Current password is incorrect'
  end      
end

in the _form.html.erb (users) I added:

<% if params[:action] == :edit %>
  
<%= f.label :current_password, 'Current password' %> <%= f.password_field :current_password, size: 40 %>
<% end %>

in the edit.html.erb (users) I added:

<% if notice %>

<%= notice %>

<% end %>