设计无效的忘记密码URL

时间:2014-11-27 13:50:57

标签: ruby-on-rails authentication ruby-on-rails-4 devise

我有模特用户。和模型

CaBase<用户 LaUser<用户

两种型号都有:

devise :database_authenticatable, :recoverable, :rememberable,
     :trackable, :validatable

LaUser-有权访问管理区域的用户。 CaBase - 只能访问前端的用户。

当我在CaBase登录表单上点击忘记密码时,它会通过以下链接向我发送邮件:

site_name/admin/password/edit?reset_password_token=gtwSWQK8HH2-6p4CHp

但我需要它

site_name/password/edit?reset_password_token=gtwSWQK8HH2-6p4CHp

我也在ApplicationController

中有动作
def after_sign_in_path_for(resource)
    if resource.is_a?(LaUser)
      admin_root_path
    else
      dashboard_index_path
    end
  end

  def after_sending_reset_password_instructions_path_for(resource)
    if resource.is_a?(LaUser)
      admin_root_path
    else
      dashboard_index_path
    end
  end

我该怎么办?

UPD1:

get 'dashboard/index'

  ActiveAdmin.routes(self)
  devise_for :la_users, ActiveAdmin::Devise.config
  devise_for :ca_base, path: '', path_names: {sign_in: 'login'}
  # The priority is based upon order of creation: first created -> highest priority.
  # See how all your routes lay out with "rake routes".

  # You can have the root of your site routed with "root"
  root 'welcome#index'

  resource :ca_administrators, only: [:new, :create]

1 个答案:

答案 0 :(得分:0)

问题在于我没有检查哪个角色有当前用户。

Devise Mailer的代码。

 if record.is_a?(LaUser)
      controller = 'active_admin/devise/passwords'
    else
      controller = 'devise/passwords'
    end

    edit_password_url = url_for(
        controller: controller,
        action: :edit,
        reset_password_token: token
    )