Ruby on Rails Change/Update Password with Modal on Profile Page Validate Old Password, add New Password, Confirm New Password

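I am trying to update a user's password on their profile page. To give you context, the user clicks a "Change Password" link on their profile page, which then displays a modal with a bootstrap_form_for asking them to confirm the old password, enter a new password, and then confirm the new password.

Currently my method goes through, but the password in the database is not changed. I am not using Devise; this was done from scratch.

Ideally, I want to make sure the old password is validated correctly and then update the new password in the database.

I have left some commented-out code in the users controller so you can see some of what I have been trying.

Please advise! Thanks!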

Routes

resources :users do
  member do
    get :confirm_email
  end
end

get 'change_password' => 'users#change_password'
patch 'change_password' => 'users#change_password'

Users controller:

def update
  @user = User.find(@current_user)
  User.update(@user, edit_user_params)
  @user.save
  redirect_to user_path
end

def change_password
  @user = User.find(@current_user)
  current_password = params[:user][:current_password]
  user = User.authenticate(@user.email, current_password)
  if @user && user
    # @user.update.password = params[:new_password]
    # new_password = params[:password]
    # @user.update(new_password)
    User.update(@user, change_password_params)
    @user.save
    flash[:success] = "Password successfully changed!"
    redirect_to user_path(@current_user)
  else
    flash[:danger] = "Your old password was incorrect. Please try again."
    redirect_to user_path(@current_user)
  end
end

private

def user_params
  params.require(:new_user).permit(:name,:email,:password)
end

def edit_user_params
  params.require(:user).permit(:name,:email,:password,:city,:state_id,:country_id,:about)
end

def change_password_params
  params.require(:user).permit(:password)
end

edit.html.erb (modal section)

<!-- Change Password Modal -->

<div id="changepasswordmodal" class="modal fade" tabindex="-1" role="dialog">
    <div class="modal-dialog">
        <div class="modal-content">
            <div class="modal-header">
                <button type="button" class="close" data-dismiss="modal">×</button>
                  <h3 class="">Change Password</h3>
            </div>
            <div class="modal-body">
              <%= bootstrap_form_for @user, url: change_password_path do |p| %>
              <%= p.password_field :current_password, hide_label: true, placeholder: "Enter your Old Password", class: "input-lg required" %>
              <%= p.password_field :password, hide_label: true, placeholder: "Enter a New Password", class: "input-lg required" %>
              <%= p.password_field :password_confirmation, hide_label: true, placeholder: "Confirm New Password", class: "input-lg required"%>

              <%= p.submit "Change Password", :class=> "btn btn-primary" %>
              <% end %>
            </div>
        </div>
    </div>
</div>

User model (relevant parts only)

class User < ActiveRecord::Base
  has_secure_password

  before_create :confirmation_token

  belongs_to :state
  belongs_to :country
  belongs_to :account_type

  has_many :authentications

  validates :email,
    presence: true,
    uniqueness: {case_sensitive: false},
    format: { with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i, on: :create }

  validates :password,
    presence: true,
    :on => :create


  def self.authenticate email, password
    User.find_by_email(email).try(:authenticate, password)
  end

end

It took me a long time to figure out where the problem was:

def change_password
  @user = User.find(@current_user)
  current_password = params[:user][:current_password]
  user = User.authenticate(@user.email, current_password)
  if @user && user
    # @user.update.password = params[:new_password]
    # new_password = params[:password]
    # @user.update(new_password)
    # update_attribute takes (name, value); store the new password from the form
    user.update_attribute(:password, params[:user][:password])
    flash[:success] = "Password successfully changed!"
    redirect_to user_path(@current_user)
  else
    flash[:danger] = "Your old password was incorrect. Please try again."
    redirect_to user_path(@current_user)
  end
end

There are many ways to update data. You can look at the different ways to update an attribute. I would prefer to choose update_attribute because in this case we don't have to validate another field. See the update_attribute description. You must remove @user.save because update_attribute already saves it. Hope this helps.
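The order of checks the question asks for (old password verified, new password confirmed, only then stored), as an added stand-alone Ruby example that is not code from the post. `DemoUser` and its result symbols are hypothetical, and stdlib PBKDF2 stands in for the bcrypt digest that `has_secure_password` uses; because `update_attribute` skips validations, the confirmation check is done explicitly here.

```ruby
require "openssl"
require "securerandom"

# Hypothetical stand-in for the User model (assumption: PBKDF2 from the Ruby
# stdlib replaces the bcrypt digest kept by has_secure_password).
class DemoUser
  ITERATIONS = 100_000

  def initialize(password)
    store(password)
  end

  # Same contract as has_secure_password's #authenticate: self or false.
  def authenticate(candidate)
    attempt = digest(candidate.to_s, @salt)
    OpenSSL.fixed_length_secure_compare(attempt, @digest) ? self : false
  end

  # form mirrors params[:user] from the modal: :current_password, :password,
  # :password_confirmation. Returns :ok or the reason for refusal; the stored
  # digest is only replaced after every check has passed.
  def change_password(form)
    current, new_password, confirmation =
      form.values_at(:current_password, :password, :password_confirmation)

    return :wrong_current_password unless authenticate(current)
    return :blank_password if new_password.to_s.empty?
    return :confirmation_mismatch unless new_password == confirmation

    store(new_password)
    :ok
  end

  private

  def digest(password, salt)
    OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: ITERATIONS,
                             length: 32, hash: "sha256")
  end

  # A fresh salt per stored password, so equal passwords give different digests.
  def store(password)
    @salt = SecureRandom.random_bytes(16)
    @digest = digest(password, @salt)
  end
end
```

In the controller the same three outcomes map onto the flash messages: only `:ok` should report success, and a mismatch or blank value should leave the old password working.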