我是铁杆新手。我正在使用rails 4.2,我在我的user.rb模型或控制器中破坏了一些东西,这样我就无法在控制台或Web浏览器中使用保存或更新(对于用户的一些变量,我可以更改名称,浏览器中的电子邮件和密码)。我发现了一个类似的问题here,但我无法获得建议。
这是我的代码 用户数据库表
create_table "users", force: :cascade do |t|
t.string "name"
t.string "email"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "avatar_file_name"
t.string "avatar_content_type"
t.integer "avatar_file_size"
t.datetime "avatar_updated_at"
t.string "password_hash"
t.string "password_salt"
t.boolean "admin", default: false
end
User.rb
class User < ActiveRecord::Base
has_many :recipes
has_many :comments
#attr_accessible :email, :password, :password_confirmation
attr_accessor :password
before_save :encrypt_password
validates_confirmation_of :password, :on => :create
#validates :name, presence: true, uniqueness: true
#validates :email, presence: true, uniqueness: true
validates :password, presence: true, length: { in: 6..20 }
has_attached_file :avatar, :styles => {
:medium => "300x300>",
:thumb => "100x100>"
},
:default_url => "/images/:style/missing.png",
:bucket =>'davisrecipebook',
:storage => :s3,
:s3_credentials => "#{Rails.root}/config/s3.yml"
#:s3_credentials => Proc.new{|a| a.instance.s3_credentials }
#:storage => :dropbox,
#:dropbox_credentials => Rails.root.join("config/dropbox.yml")
#def s3_credentials
# {:bucket =>'davisrecipebook', :access_key_id => '', :secret_access_key => ''}
#end
validates_attachment_content_type :avatar, :content_type => /\Aimage\/.*\Z/
validates_attachment_size :avatar, :less_than => 10.megabytes
def self.authenticate(email, password)
user = find_by_email(email)
if user && user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt)
user
else
nil
end
end
def encrypt_password
if password.present?
self.password_salt = BCrypt::Engine.generate_salt
self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
end
end
end
控制台
2.1.5 :073 > User.last
User Load (0.5ms) SELECT "users".* FROM "users" ORDER BY "users"."id" DESC LIMIT 1
=> #<User id: 7, name: "hate", email: "death", created_at: "2014-12-28 07:32:22", updated_at: "2014-12-28 08:24:01", avatar_file_name: nil, avatar_content_type: nil, avatar_file_size: nil, avatar_updated_at: nil, password_hash: "$2a$10$9rEtvSoO0DOzm5u/Vop0O.5matAM8gTI0t6QZ470UyF...", password_salt: "$2a$10$9rEtvSoO0DOzm5u/Vop0O.", admin: false>
2.1.5 :074 > s = _
=> #<User id: 7, name: "hate", email: "death", created_at: "2014-12-28 07:32:22", updated_at: "2014-12-28 08:24:01", avatar_file_name: nil, avatar_content_type: nil, avatar_file_size: nil, avatar_updated_at: nil, password_hash: "$2a$10$9rEtvSoO0DOzm5u/Vop0O.5matAM8gTI0t6QZ470UyF...", password_salt: "$2a$10$9rEtvSoO0DOzm5u/Vop0O.", admin: false>
2.1.5 :075 > s.admin = true
=> true
2.1.5 :076 > s.save
(0.2ms) BEGIN
User Exists (0.6ms) SELECT 1 AS one FROM "users" WHERE ("users"."name" = 'hate' AND "users"."id" != 7) LIMIT 1
User Exists (0.3ms) SELECT 1 AS one FROM "users" WHERE ("users"."email" = 'death' AND "users"."id" != 7) LIMIT 1
(0.2ms) ROLLBACK
=> false
2.1.5 :077 > s.errors
@messages={:password=>["can't be blank", "can't be blank", "is too short (minimum is 6 characters)"]}>
答案 0 :(得分:2)
问题是,该记录不包含一个名为密码的字段,它有password_hash和password_salt,每当您尝试保存rails时都会查找密码字段,但可以&#39 ;找到它,我说创建一个条件,告诉铁路何时寻找密码,例如
validates :password, if: :password_required?
def password_required?
user.changes.include? :email # just an example
end
这将阻止每次用户更改其帐户中的次要内容时要求passowrd,如果用户更改了他的电子邮件,它将要求输入密码,当然可以添加更多选项。
如果您想暂时强制保存用户,可以告诉rails跳过验证
user.save(validate: false)
另外作为最后一点,使用完善且成熟的身份验证宝石devise更好更安全,它具有您在任何身份验证中所需的所有功能。
答案 1 :(得分:1)
您的验证失败。您对password进行了验证,但数据库中没有密码字段(出于安全考虑,请保存哈希和盐)。
要解决此问题,请添加:on参数以使验证范围仅在创建用户时运行。
validates :password, on: :create, ...
:on - 指定此验证处于活动状态的上下文。默认情况下在所有验证上下文中运行(nil)。您可以传递符号或符号数组。