gpt4 book ai didi

ruby-on-rails - 设计:只允许用户重置密码

转载 作者:行者123 更新时间:2023-12-01 01:09:54 25 4
gpt4 key购买 nike

我有一个非常标准的 User模型与设计。管理员由 :admin 控制模型上的 bool 值,不是管理员的用户无法管理自己(即,只有管理员可以对用户进行更改)。

我想要的是允许用户在忘记密码时重置密码。他们将输入他们的电子邮件地址,然后通过电子邮件发送一个 token ,该 token 将授予他们更改它的权限。我已经开始了一个解决方案,但我真的不知道如何继续。

user.rb

class User < ActiveRecord::Base
devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable
attr_accessor :current_password
attr_accessible :name, :password, :password_confirmation, :current_password, :email, :remember_me, :ftp, :colour1, :colour2, :logo, :logo2, :address, :url, :disclosure, :general_advice, :facebook, :twitter, :brand_id, :analytics
attr_protected :admin
validates_uniqueness_of :email, :ftp
belongs_to :brand
has_many :docs
has_many :orders, :through => :docs
has_attached_file :logo
has_attached_file :logo2
end

class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new #guesting
if user.admin?
can :manage, :all
else
can :manage, :recoverable
end
end
end

这是方法:
def reset
@idiot = User.where(:email => params[:email]).first
unless @idiot.nil?
Notifier.send_reset_notice(@idiot).deliver
@idiot.send_reset_password_instructions
redirect_to new_user_session_url
else
redirect_to new_user_session_url, :flash => { :error => "That email address matches no user." }
end
end

用户会收到 Devise 电子邮件,但单击链接会将用户带到应用程序根目录,而不是密码重置表单。我不知道如何从这里开始。有什么想法吗?干杯!

更新

相关路线:
devise_for :users, :path => "d"
devise_scope :user do
get '/sign_in' => 'devise/sessions#new'
get '/sign_out' => 'devise/sessions#destroy'
end

最佳答案

首先,为句柄创建 Controller Devise::PasswordsController

class PasswordusersController < Devise::PasswordsController 
prepend_before_filter :require_no_authentication
append_before_filter :assert_reset_token_passed, :only => :edit

def new
super
end

def create
self.resource = resource_class.send_reset_password_instructions(resource_params)

if successfully_sent?(resource)
redirect_to root_path, :notice => "Instruction has been send to your email"
else
respond_with(resource)
end
end

def edit
super
end

def update
self.resource = resource_class.reset_password_by_token(resource_params)

if resource.errors.empty?
resource.unlock_access! if unlockable?(resource)
flash_message = resource.active_for_authentication? ? :updated : :updated_not_active
set_flash_message(:notice, flash_message) if is_navigational_format?
sign_in(resource_name, resource)
redirect_to login_path, :notice => "Password has been change"
else
respond_with resource
end
end

protected

def after_sending_reset_password_instructions_path_for(resource_name)
root_path
end

def assert_reset_token_passed
super
end

def unlockable?(resource)
super
end

end

然后,运行为设计生成 View

复制 new.html.erbedit.html.erb来自 views/devise/passwordsviews/passwordusers
routes.rb您可以配置例如:
devise_scope :user do
get '/reset_password' => "passowrdusers#new", :as => :reset_password
get '/new_password' => "passwordusers#edit", :as => :new_password
end

编辑链接 devise/mailer/reset_password_instructions.html.erb
<p><%= link_to 'Change My Password', new_password_path(@resource, :reset_password_token => @resource.reset_password_token) %></p>

最后,在查看表单登录时添加这个
<%= link_to "Forgot Password?", reset_password_url(resource_name) %>

更新

routes.rb您可以配置例如:
devise_scope :user do
get '/reset_password' => "passowrdusers#new", :as => :reset_password
get '/new_password' => "passwordusers#edit", :as => :new_password
post '/send_email' => 'passwordusers#create', :as => :create_password
put '/change' => 'passwordusers#update', :as => :update_password
end

views/passwordusers/new.html.erb
  <%= form_for("user", :url => create_password_path(resource_name), :html => { :method => :post }) do |f| %>

views/passwordusers/edit.html.erb
<%= form_for("user", :url => update_password_path(resource_name), :html => { :method => :put }) do |f| %>

关于ruby-on-rails - 设计:只允许用户重置密码,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/15917037/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com