活动管理员:令牌过期后重置密码不显示错误

Active admin: reset password does not show an error after token is expired

当我生成通过活动管理员发送的重置密码 link 忘记密码时,我可以更改密码并登录到仪表板,但是当我再次尝试使用相同的 link 时更改密码它不执行任何操作并重定向到同一页面。即使我输入空密码也没有显示错误。我希望它显示令牌已过期的错误

每次提交表单时都会生成相同的日志。

AdminUser Load (0.6ms) SELECT "admin_users".* FROM "admin_users" WHERE "admin_users"."reset_password_token" = '14ad4bc9d075cbb5ed8057c9518848e448e56beab6430ff1d3c7459771a79662' ORDER BY "admin_users"."id" ASC LIMIT 1 [["reset_password_token", "14ad4bc9d075cbb5ed8057c9518848e448e56beab6430ff1d3c7459771a79662"]] method=PUT path=/admin/password format=html controller=ActiveAdmin::Devise::PasswordsController action=update status=200 duration=606.45 view=570.88 db=0.64 time=2016-07-26 12:25:20 UTC category=web ip=127.0.0.1 params={"admin_user"=>{"password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "reset_password_token"=>"[FILTERED]"}, "commit"=>"Change my password"}

我不知道为什么我给出了 200 个 status.Any 我应该从哪里开始寻找的想法?

我重写了 Devise::PasswordsController 中的设备 update 方法并添加了一行以显示错误 flash[:error] = resource.errors.full_messages.to_sentence 如果 resource.errors.empty? 为假,基本上它不会显示错误。

这是更新后的方法

 # PUT /resource/password
  def update
    self.resource = resource_class.reset_password_by_token(resource_params)
    yield resource if block_given?

    if resource.errors.empty?
      resource.unlock_access! if unlockable?(resource)
      if Devise.sign_in_after_reset_password
        flash_message = resource.active_for_authentication? ? :updated : :updated_not_active
        set_flash_message(:notice, flash_message) if is_flashing_format?
        sign_in(resource_name, resource)
      else
        set_flash_message(:notice, :updated_not_active) if is_flashing_format?
      end
      respond_with resource, location: after_resetting_password_path_for(resource)
    else
      flash[:error] = resource.errors.full_messages.to_sentence
      set_minimum_password_length
      respond_with resource
    end
  end