ruby-on-rails – 设计：允许用户仅重置密码

发布时间：2020-12-17 02:34:16 所属栏目：百科来源：网络整理

导读：我有一个非常标准的用户模型与Devise.管理员在模型上使用：admin boolean进行控制,非管理员的用户无法自行管理(即,只有管理员才能对用户进行更改). 我想要的是允许用户忘记密码时重置密码.他们会输入他们的电子邮件地址,然后通过电子邮件发送一个令牌,授予他

我有一个非常标准的用户模型与Devise.管理员在模型上使用：admin boolean进行控制,非管理员的用户无法自行管理(即,只有管理员才能对用户进行更改).

我想要的是允许用户忘记密码时重置密码.他们会输入他们的电子邮件地址,然后通过电子邮件发送一个令牌,授予他们更改权限的权限.我已经开始了解决方案,但我真的不知道如何继续.

user.rb

class User < ActiveRecord::Base
  devise :database_authenticatable,:registerable,:recoverable,:rememberable,:trackable,:validatable
  attr_accessor :current_password
  attr_accessible :name,:password,:password_confirmation,:current_password,:email,:remember_me,:ftp,:colour1,:colour2,:logo,:logo2,:address,:url,:disclosure,:general_advice,:facebook,:twitter,:brand_id,:analytics
  attr_protected :admin
  validates_uniqueness_of :email,:ftp
  belongs_to :brand
  has_many :docs
  has_many :orders,:through => :docs
  has_attached_file :logo
  has_attached_file :logo2
end

class Ability
  include CanCan::Ability
  def initialize(user)
    user ||= User.new #guesting
    if user.admin?
      can :manage,:all
    else
      can :manage,:recoverable
    end
  end
end

这是方法：

def reset
  @idiot = User.where(:email => params[:email]).first
    unless @idiot.nil?
      Notifier.send_reset_notice(@idiot).deliver
      @idiot.send_reset_password_instructions
      redirect_to new_user_session_url
    else
      redirect_to new_user_session_url,:flash => { :error => "That email address matches no user." }
    end
end

用户收到Devise电子邮件,但单击该链接会将用户带到应用程序根目录,而不是密码重置表单.我不知道怎么从这里开始.有什么想法吗？干杯!

UPDATE

解决方法

首先,为处理Devise :: PasswordsController创建控制器

class PasswordusersController < Devise::PasswordsController 
  prepend_before_filter :require_no_authentication
  append_before_filter :assert_reset_token_passed,:only => :edit

  def new
    super
  end

  def create
    self.resource = resource_class.send_reset_password_instructions(resource_params)

    if successfully_sent?(resource)
      redirect_to root_path,:notice => "Instruction has been send to your email"
    else
      respond_with(resource)
    end
  end

  def edit
    super
  end

  def update
    self.resource = resource_class.reset_password_by_token(resource_params)

    if resource.errors.empty?
      resource.unlock_access! if unlockable?(resource)
      flash_message = resource.active_for_authentication? ? :updated : :updated_not_active
      set_flash_message(:notice,flash_message) if is_navigational_format?
      sign_in(resource_name,resource)
      redirect_to login_path,:notice => "Password has been change"
    else
      respond_with resource
    end
  end

  protected

    def after_sending_reset_password_instructions_path_for(resource_name)
      root_path
    end

    def assert_reset_token_passed
      super
    end

    def unlockable?(resource)
      super
    end

end

比,运行生成视图设计

将views / devise / passwords中的new.html.erb和edit.html.erb复制到views / passwordusers

在routes.rb上你可以配置如：

devise_scope :user do
get '/reset_password' => "passowrdusers#new",:as => :reset_password
get '/new_password' => "passwordusers#edit",:as => :new_password
end

编辑devise / mailer / reset_password_instructions.html.erb上的链接

<p><%= link_to 'Change My Password',new_password_path(@resource,:reset_password_token => @resource.reset_password_token) %></p>

最后,在视图表单上登录添加此项

<%= link_to "Forgot Password?",reset_password_url(resource_name) %>

UPDATE

在routes.rb上你可以配置如：

devise_scope :user do
get '/reset_password' => "passowrdusers#new",:as => :new_password
post '/send_email' => 'passwordusers#create',:as => :create_password
put '/change' =>  'passwordusers#update',:as => :update_password
end

on views / passwordusers / new.html.erb

<%= form_for("user",:url => create_password_path(resource_name),:html => { :method => :post }) do |f| %>

在views / passwordusers / edit.html.erb上

<%= form_for("user",:url => update_password_path(resource_name),:html => { :method => :put }) do |f| %>

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!