我在登录前进行额外的密码规则检查。如果检查失败,我会重定向到重置页面。问题是在到达用户登录的创建功能之前。 有没有办法阻止此登录。这是在Rails 3.0.19中,并且在登录时使用了设计(1.4.5)。
module Users
class SessionsController < Devise::SessionsController
def create
user = User.where("email=?", params['user']['email']).first
if user.valid_password?(params['user']['password'])
unless user.validate_password_rule?(params['user']['password'])
session[:reset_email] = user.email
redirect_to '/user/reset'
else
super
end
else
super
end
end
end
end
的routes.rb
Brc::Application.routes.draw do
match 'sitemap', :controller => 'sitemaps', :action => 'index'
devise_for :users, :controllers => {
:sessions => "users/sessions",
:passwords => "users/passwords",
:registrations => "users/registrations",
:passwords => "users/passwords",
:confirmations => "users/confirmations"
} do
resource :account
end
devise_scope :user do
match "/change_password" => "users/registrations#change_password", :method => :get
end
resources :user do
collection do
get :home
get :reset
post :reset_password
get :reset_password
end
member do
get :index
end
end
if Rails.env == "test"
# Hack because I couldn't figure out how to get Rails
# to programmatically add a route. See :redirect_initial_subscribers
# from ApplicationController and its associated spec for the use case.
resources :test
end
end