我有一个使用Devise和可确认模块的rails 3应用程序。但是,阻止新注册的用户访问该站点,直到他们确认其电子邮件导致保留问题。相反,我们希望立即授予用户访问和仍然向他们发送确认电子邮件。然后,我们会运行后台任务来锁定在固定时间段内未确认其电子邮件的用户。
可确认模块可以实现吗?有没有办法仍然创建一个没有使用可确认模块确认其电子邮件的活动资源(用户)?关于实施这个的一般建议吗?
答案 0 :(得分:4)
我相信您可以使用confirm_within来指定锁定约束。您可以在调用devise_for时启用此功能。
http://rubydoc.info/github/plataformatec/devise/master/Devise/Models/Confirmable
此外,您可以选择通过查看已确认的用户“仅”将某些行为限制为已确认的用户?您的用户模型的状态。您可以在控制器中执行此操作,也可以使用CanCan或其他任何操作。您网站上的某些任务可能不需要确认;当用户与其他人互动或者可以使用您的网站发送某些通知/电子邮件等时,您可能需要更多这样的信息。
答案 1 :(得分:2)
为接受的答案添加更多详细信息。是的,您可以使用confirm_within,但是当您致电devise而不是devise_for时,您需要执行此操作。
class User
devise :database_authenticatable, :encryptable, :confirmable, :rememberable, :timeoutable, :lockable,
:stretches => 15, :pepper => 'abcdef', :confirm_within => 5.days,
:remember_for => 7.days, :timeout_in => 15.minutes, :unlock_in => 10.days
end
以上代码来自设计模型测试
您还可以使用config/initializers/devise.rb
config.confirm_within = 10.days文件中设置设置
答案 2 :(得分:1)
嗯,我认为正确的标志是allow_unconfirmed_access_for:
config.allow_unconfirmed_access_for = 5.days
confirm_within只是指定电子邮件令牌有多长时间。
来自config/initializers/devise.rb的更多内容:
# ==> Configuration for :confirmable
# A period that the user is allowed to access the website even without
# confirming his account. For instance, if set to 2.days, the user will be
# able to access the website for two days without confirming his account,
# access will be blocked just in the third day. Default is 0.days, meaning
# the user cannot access the website without confirming his account.
# config.allow_unconfirmed_access_for = 2.days
# A period that the user is allowed to confirm their account before their
# token becomes invalid. For example, if set to 3.days, the user can confirm
# their account within 3 days after the mail was sent, but on the fourth day
# their account can't be confirmed with the token any more.
# Default is nil, meaning there is no restriction on how long a user can take
# before confirming their account.
# config.confirm_within = 3.days