设计,如何在没有当前密码的情况下重置密码?

时间:2017-03-29 19:19:45

标签: ruby-on-rails-4 devise

我正在尝试当用户第一次登录时被重定向以更新(更改)他的密码,但似乎我遗漏了一些东西,因为密码没有改变。

这是我的代码,我错过了吗?

ApplicationHelper.rb

  def after_sign_in_path_for(resource)
    if current_user.sign_in_count == 1
      edit_passwords_path
    else
      root_path
    end
  end

PasswordsController.rb

class PasswordsController < ApplicationController

  def edit
  end

  def update
    if current_user.update_without_password(user_params)
      flash[:notice] = "Password updated successfully."
      redirect_to signed_in_root_path(current_user)
    else
      flash[:alert] = "There was a problem, please try again."
      render :edit
    end
  end

  private

    def user_params
      params.require(:user).permit(:password, :password_confirmation)
    end
end

的观点/口令/ _form.html.eb

<%= form_for current_user, url: passwords_path do |f| %>

  current_password:<br />
  <%#= f.password_field :current_password %><br />
  password:<br />
  <%= f.password_field :password %><br />
  password_confirmation:<br />
  <%= f.password_field :password_confirmation %><br />
  <br />
  <%= f.submit %>
<% end %>

的routes.rb

Rails.application.routes.draw do
  resources :tasks
  devise_for :users
  root 'tasks#index'
  resource :passwords
end

日志

Started PATCH "/passwords" for ::1 at 2017-03-29 15:01:07 -0400
Processing by PasswordsController#update as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"FIxTxsfOML7P7L+xWxznRDcedXOralm7PjSJtpUi+C/4erA6VsvLJACUPFNE+yYXjJFLKWLRYkn0n5VZV2R+6A==", "user"=>{"password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Update User"}
  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["id", 1]]
   (0.0ms)  begin transaction
   (0.0ms)  commit transaction
Redirected to http://localhost:3000/
Completed 302 Found in 3ms (ActiveRecord: 0.2ms)


Started GET "/" for ::1 at 2017-03-29 15:01:07 -0400
Processing by TasksController#index as HTML
  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["id", 1]]
  Task Load (0.1ms)  SELECT "tasks".* FROM "tasks"
  Rendered tasks/index.html.erb within layouts/application (0.7ms)
  Rendered layouts/_messages.html.erb (0.0ms)
Completed 200 OK in 28ms (Views: 25.0ms | ActiveRecord: 0.2ms)

1 个答案:

答案 0 :(得分:0)

你可以通过各种方式做到这一点。

视图/口令/ _form.html.eb

<%= form_for current_user, url: passwords_path do |f| %>
  password:<br />
  <%= f.password_field :password %><br />

  password_confirmation:<br />
  <%= f.password_field :password_confirmation %><br />

  <br />
  <%= f.submit %>
<% end %>

PasswordsController.rb

class PasswordsController < ApplicationController
  def update
    if current_user.update_attributes(user_params)
      flash[:notice] = "Password updated successfully."
      redirect_to signed_in_root_path(current_user)
    else
      flash[:alert] = current_user.errors.full_messages.join(', ')
      render :edit
    end
  end

  private

    def user_params
      params.require(:user).permit(:password, :password_confirmation)
    end
end