ruby on rails 4 - devise - send_reset_password_instructions - 重置密码 - 重置密码令牌无效

时间:2018-05-20 04:28:03

标签: ruby-on-rails ruby-on-rails-4 devise reset-password

我在rails版本上使用ruby' 4.2.4'并设计4.0.0

gem 'rails', '4.2.4'
devise (4.0.0)
  bcrypt (~> 3.0)
  orm_adapter (~> 0.1)
  railties (>= 4.1.0, < 5.1)
  responders
  warden (~> 1.2.3)

接管一些由某人制作的代码,他们已经实现了重置密码,但没有完成工作。我正在努力解决它。

从控制台

我尝试使用它:

> u = User.first
> u.send_reset_password_instructions

这是控制台输出:

[15] pry(main)> u.send_reset_password_instructions

Devise::Mailer#reset_password_instructions: processed outbound mail in 37.9ms

    Sent mail to testme@gmail.com (6024.6ms)
    Date: Sun, 20 May 2018 12:13:23 +0800
    From: "My Support" <support@my.org>
    Reply-To: "Harta.Org Support" <support@my.org>
    To: testme@gmail.com
    Message-ID: <5b00f5e3e4f8f_9da3ff91bc336ac799e0@Macbook.local.mail>
    Subject: Reset password instructions
    Mime-Version: 1.0
    Content-Type: text/html;
     charset=UTF-8
    Content-Transfer-Encoding: 7bit

    <p>Hello testme@gmail.com!</p>

    <p>Someone has requested a link to change your password. You can do this through the link below.</p>

    <p><a href="http://localhost:3000/users/password/edit?reset_password_token=qpkCBYwZzmqprudst1oq">Change my password</a></p>

    <p>If you didn't request this, please ignore this email.</p>
    <p>Your password won't change until you access the link above and create a new one.</p>

    => "qpkCBYwZzmqprudst1oq"

收到电子邮件,但是导航到页面(http://localhost:3000/users/password/edit?reset_password_token=qpkCBYwZzmqprudst1oq)并插入新密码会出现此错误

1 error prohibited this user from being saved:
Reset password token is invalid

我检查了用户记录中是否生成了一些令牌:

 reset_password_token: "23837a8b05a8249ac4edf5e3e6b6e8f922277ef409e693cd802bc1707b0838b7",
 reset_password_sent_at: Sun, 20 May 2018 04:13:23 UTC +00:00,

这匹配下面的调试输出:

Started PUT "/users/password" for ::1 at 2018-05-20 12:52:04 +0800
Processing by Devise::PasswordsController#update as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"NtKJ86mslX4tQ7arV+FcO+5dU4BCvD1A0GRzs9YwqG1h+vsdbEh9FXW+VQLJMnNsTXuJ0VMmC+f9v8/uW56CMQ==", "user"=>{"reset_password_token"=>"[FILTERED]", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}}
localhost
Set current domain
{"reset_password_token":"23837a8b05a8249ac4edf5e3e6b6e8f922277ef409e693cd802bc1707b0838b7"}
  Rendered users/shared/_links.html.erb (0.3ms)
  Rendered users/passwords/edit.html.erb within layouts/application (9.5ms)
  Rendered layouts/_navigation.html.slim (2.0ms)
  Rendered layouts/_messages.html.slim (0.1ms)
Completed 200 OK in 243ms (Views: 199.9ms | ActiveRecord: 0.0ms)

问题是什么,如何调试(比如我怎么知道令牌是否正确)并解决这个问题?

我设法覆盖Devise :: PasswordsController以更改controller / users / password_controller中的密码设计。但是,我想现在调试一下,recoverable.rb?我怎样才能覆盖recoverable.rb?我想看看它在这种方法中是如何工作的:

 def reset_password_by_token(attributes={})

0 个答案:

没有答案