出于某种原因,在我的应用程序中,当用户更新密码时正在跳过验证。帮我改变一下。
更新方法:
def update
if params[:user][:password]
if current_user
user = User.authenticate(params[:email], params[:user][:old_password])
if user
params[:user].delete :old_password
if user.save
redirect_to root_url, :notice => "Password has been changed!"
else
render 'edit'
end
else
# old_password was incorrect
end
else
# changing password while logged out
end
end
end
用户模型:
class User < ActiveRecord::Base
attr_accessible :email, :password, :password_confirmation
attr_accessor :password
before_save :encrypt_password
VALID_PASSWORD_REGEX = /^(?=.*[a-zA-Z])(?=.*[0-9]).{6,}$/
validates_confirmation_of :password
validates :password, presence: true, format:{ with: VALID_PASSWORD_REGEX }, if: proc{ password_salt.blank? || password_hash.blank? }
end
答案 0 :(得分:0)
如果您需要更新用户密码的方法,这可能会对您有所帮助:
https://stackoverflow.com/a/19697808/1758714
我使用Sorcery进行身份验证,因此代码可能需要更改一点。