ruby-on-rails – 设计:允许用户仅重置密码
我有一个非常标准的用户模型与Devise.管理员在模型上使用:admin boolean进行控制,非管理员的用户无法自行管理(即,只有管理员才能对用户进行更改).
我想要的是允许用户忘记密码时重置密码.他们会输入他们的电子邮件地址,然后通过电子邮件发送一个令牌,授予他们更改权限的权限.我已经开始了解决方案,但我真的不知道如何继续. user.rb class User < ActiveRecord::Base devise :database_authenticatable,:registerable,:recoverable,:rememberable,:trackable,:validatable attr_accessor :current_password attr_accessible :name,:password,:password_confirmation,:current_password,:email,:remember_me,:ftp,:colour1,:colour2,:logo,:logo2,:address,:url,:disclosure,:general_advice,:facebook,:twitter,:brand_id,:analytics attr_protected :admin validates_uniqueness_of :email,:ftp belongs_to :brand has_many :docs has_many :orders,:through => :docs has_attached_file :logo has_attached_file :logo2 end class Ability include CanCan::Ability def initialize(user) user ||= User.new #guesting if user.admin? can :manage,:all else can :manage,:recoverable end end end 这是方法: def reset @idiot = User.where(:email => params[:email]).first unless @idiot.nil? Notifier.send_reset_notice(@idiot).deliver @idiot.send_reset_password_instructions redirect_to new_user_session_url else redirect_to new_user_session_url,:flash => { :error => "That email address matches no user." } end end 用户收到Devise电子邮件,但单击该链接会将用户带到应用程序根目录,而不是密码重置表单.我不知道怎么从这里开始.有什么想法吗?干杯! UPDATE 相关路线: devise_for :users,:path => "d" devise_scope :user do get '/sign_in' => 'devise/sessions#new' get '/sign_out' => 'devise/sessions#destroy' end 解决方法
首先,为处理Devise :: PasswordsController创建控制器
class PasswordusersController < Devise::PasswordsController prepend_before_filter :require_no_authentication append_before_filter :assert_reset_token_passed,:only => :edit def new super end def create self.resource = resource_class.send_reset_password_instructions(resource_params) if successfully_sent?(resource) redirect_to root_path,:notice => "Instruction has been send to your email" else respond_with(resource) end end def edit super end def update self.resource = resource_class.reset_password_by_token(resource_params) if resource.errors.empty? resource.unlock_access! if unlockable?(resource) flash_message = resource.active_for_authentication? ? :updated : :updated_not_active set_flash_message(:notice,flash_message) if is_navigational_format? sign_in(resource_name,resource) redirect_to login_path,:notice => "Password has been change" else respond_with resource end end protected def after_sending_reset_password_instructions_path_for(resource_name) root_path end def assert_reset_token_passed super end def unlockable?(resource) super end end 比,运行生成视图设计 将views / devise / passwords中的new.html.erb和edit.html.erb复制到views / passwordusers 在routes.rb上你可以配置如: devise_scope :user do get '/reset_password' => "passowrdusers#new",:as => :reset_password get '/new_password' => "passwordusers#edit",:as => :new_password end 编辑devise / mailer / reset_password_instructions.html.erb上的链接 <p><%= link_to 'Change My Password',new_password_path(@resource,:reset_password_token => @resource.reset_password_token) %></p> 最后,在视图表单上登录添加此项 <%= link_to "Forgot Password?",reset_password_url(resource_name) %> UPDATE 在routes.rb上你可以配置如: devise_scope :user do get '/reset_password' => "passowrdusers#new",:as => :new_password post '/send_email' => 'passwordusers#create',:as => :create_password put '/change' => 'passwordusers#update',:as => :update_password end on views / passwordusers / new.html.erb <%= form_for("user",:url => create_password_path(resource_name),:html => { :method => :post }) do |f| %> 在views / passwordusers / edit.html.erb上 <%= form_for("user",:url => update_password_path(resource_name),:html => { :method => :put }) do |f| %> (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |