我正在使用devise进行身份验证,并且恢复密码表单存在问题,该表单的链接是通过电子邮件发送的。当我定义新密码时,表单将发送POST请求,而不是PUT。它使用“电子邮件不能为空”通知重定向到用户/密码#。
因此,edit.html.erb具有方法::放置,但不起作用。
<%= form_for(resource, as: resource_name, url: user_password_path(resource_name), html: { method: :put }) do |f| %>
我整天都被困在这里,还没有找到出路
这是完整的edit.html.erb
<h2>Change your password</h2>
<%= form_for(resource, as: resource_name, url: user_password_path(resource_name), method: :PUT) do |f| %>
<%= render "devise/shared/error_messages", resource: resource %>
<%= f.hidden_field :reset_password_token %>
<div class="field">
<%= f.label :password, "New password" %><br />
<% if @minimum_password_length %>
<em>(<%= @minimum_password_length %> characters minimum)</em><br />
<% end %>
<%= f.password_field :password, autofocus: true, autocomplete: "new-password" %>
</div>
<div class="field">
<%= f.label :password_confirmation, "Confirm new password" %><br />
<%= f.password_field :password_confirmation, autocomplete: "new-password" %>
</div>
<div class="actions">
<%= f.submit "Change my password" %>
</div>
<% end %>
这是生成的表单
<h2>Change your password</h2>
<form class="new_user" id="new_user" action="/user/password.user" accept-charset="UTF-8" method="post"><input name="utf8" type="hidden" value="✓" /><input type="hidden" name="_method" value="patch" /><input type="hidden" name="authenticity_token" value="Zf5rxkU11tVmt4i8hDpFPDL5y+/jzRQT/O/si6RnraidCN5vxofmVS1abO4nJ8iqlncZfCRr1jdLjMfxwMx45A==" />
<input type="hidden" value="xk6EkLsyxCyvvpDyY6Ug" name="user[reset_password_token]" id="user_reset_password_token" />
<div class="field">
<label for="user_password">New password</label><br />
<em>(6 characters minimum)</em><br />
<input autofocus="autofocus" autocomplete="new-password" type="password" name="user[password]" id="user_password" />
</div>
<div class="field">
<label for="user_password_confirmation">Confirm new password</label><br />
<input autocomplete="new-password" type="password" name="user[password_confirmation]" id="user_password_confirmation" />
</div>
<div class="actions">
<input type="submit" name="commit" value="Change my password" data-disable-with="Change my password" />
</div>
</form>
我的密码控制器
# frozen_string_literal: true
# Deals with user login and generates JWT
class User::PasswordsController < Devise::PasswordsController
prepend_before_action :require_no_authentication
# Render the #edit only if coming from a reset password email link
append_before_action :assert_reset_token_passed, only: :edit
skip_before_action :verify_authenticity_token
respond_to :json
wrap_parameters :user
before_action :configure_permitted_parameters, if: :devise_controller?
def create
super
end
def edit
super
end
def update
super
end
def new
super
end
end
我的路线.rb
constraints subdomain: 'api' do
scope module: 'user' do
devise_for :users,
path: '/user',
path_names: {
registration: 'signup',
sign_in: 'login',
sign_out: 'logout'
},
controllers: {
sessions: 'user/sessions',
registrations: 'user/registrations',
passwords: 'user/passwords'
}
服务器日志
答案 0 :(得分:1)
我使用Devise密码重置功能遇到了同样的问题。我将Devise添加到API Rails应用程序(config.api_only = true
)中,显然Rack::MethodOverride
中间件负责API的隐藏方法属性,并将该请求更改为PUT / PATCH请求,未包含在API中-仅中间件堆栈。结果,该请求仍将它作为POST请求发送到主应用。
我向config/application.rb
添加了以下行,从而解决了该问题:
config.middleware.insert_after Rack::Runtime, Rack::MethodOverride