验证模型问题

Question

我有一个rails 4应用程序，我希望某些书籍需要一个密码才能看到。

我有一个名为Book.rb的模型：

class Book < ActiveRecord::Base
   has_secure_password :validations => false
end

以及具有以下形式的sign_in.html.haml：

= form_for login_book_path do |f| 
   = f.password_field :password
   = f.submit "View Book"

并且登录簿路径路由到以下控制器方法：

def book_login
  @book = Book.find_by(slug: params[:slug])
  respond_to do |format|
     if @book.authenticate(params[:password])
        format.html { redirect_to root_path }
     else
        format.html { render :sign_in }
     end
  end
end

如果我对密码进行硬编码（例如@book.authenticate("thesecretpassword")），它会正确地将我重定向到root_url。但出于某种原因，如果没有硬编码，它就不起作用（只是将我发回给sign_in.html.haml？

当我点击＆＃34; VIEW BOOK＆＃34;时，终端输出到了终端。按钮：

Started POST "/the-wizard-book/sign_in" for 127.0.0.1 at 2015-02-24 14:04:48   -0700
Processing by BooksController#book_login as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"Nx2OkI/FjJwq6zmcT5KLSkQpr9hYa83RL7CFmLQW0/g=", "/the-wizard-book/sign_in"=>{"password"=>"[FILTERED]"}, "commit"=>"View Book", "slug"=>"the-wizard-book"}
Load (0.2ms)  SELECT  "books".* FROM "books"  WHERE "books"."slug" = 'the-wizard-book' LIMIT 1