1. 首页
  2. 问答
  3. 设计:允许用户重置密码只有

设计:允许用户重置密码只有

2013-04-10 75 views
3

我有一个漂亮的标准User模型与设计。管理员在模型上使用布尔值:admin进行控制,而非管理员的用户不能自行管理(即只有管理员可以对用户进行更改)。设计:允许用户重置密码只有

我想要的是允许用户重置他们的密码,如果他们忘记了。他们会输入他们的电子邮件地址,然后通过电子邮件发送令牌,以授予他们访问权限以更改它。我已经开始了一个解决方案,但我真的不知道如何继续。

user.rb

class User < ActiveRecord::Base 
    devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable 
    attr_accessor :current_password 
    attr_accessible :name, :password, :password_confirmation, :current_password, :email, :remember_me, :ftp, :colour1, :colour2, :logo, :logo2, :address, :url, :disclosure, :general_advice, :facebook, :twitter, :brand_id, :analytics 
    attr_protected :admin 
    validates_uniqueness_of :email, :ftp 
    belongs_to :brand 
    has_many :docs 
    has_many :orders, :through => :docs 
    has_attached_file :logo 
    has_attached_file :logo2 
end 

class Ability 
    include CanCan::Ability 
    def initialize(user) 
    user ||= User.new #guesting 
    if user.admin? 
     can :manage, :all 
    else 
     can :manage, :recoverable 
    end 
    end 
end

而这里的方法:

def reset 
    @idiot = User.where(:email => params[:email]).first 
    unless @idiot.nil? 
     Notifier.send_reset_notice(@idiot).deliver 
     @idiot.send_reset_password_instructions 
     redirect_to new_user_session_url 
    else 
     redirect_to new_user_session_url, :flash => { :error => "That email address matches no user." } 
    end 
end

用户收到的电子邮件设计,但点击该链接将用户带到应用程序的根,而不是一密码重置表单。我不知道如何从这里开始。有什么想法吗?干杯!

UPDATE

相关路线:

devise_for :users, :path => "d" 
devise_scope :user do 
    get '/sign_in' => 'devise/sessions#new' 
    get '/sign_out' => 'devise/sessions#destroy' 
end

来源

2013-04-10 CD-RUM

+0

你必须要尝试这种解决方案[设计维基](HTTPS:// GI thub.com/plataformatec/devise/wiki/How-To%3a-Allow-users-to-edit-their-password)? – 2013-04-10 05:08:43

+0

是的,它不适合我的情况。感觉就像我的路线有问题或什么的。我会用我的路线更新这个问题。 – 2013-04-10 05:12:22

回答

3

首先,创建控制器手柄设计:: PasswordsController

class PasswordusersController < Devise::PasswordsController 
    prepend_before_filter :require_no_authentication 
    append_before_filter :assert_reset_token_passed, :only => :edit 

    def new 
    super 
    end 

    def create 
    self.resource = resource_class.send_reset_password_instructions(resource_params) 

    if successfully_sent?(resource) 
     redirect_to root_path, :notice => "Instruction has been send to your email" 
    else 
     respond_with(resource) 
    end 
    end 

    def edit 
    super 
    end 

    def update 
    self.resource = resource_class.reset_password_by_token(resource_params) 

    if resource.errors.empty? 
     resource.unlock_access! if unlockable?(resource) 
     flash_message = resource.active_for_authentication? ? :updated : :updated_not_active 
     set_flash_message(:notice, flash_message) if is_navigational_format? 
     sign_in(resource_name, resource) 
     redirect_to login_path, :notice => "Password has been change" 
    else 
     respond_with resource 
    end 
    end 

    protected 

    def after_sending_reset_password_instructions_path_for(resource_name) 
     root_path 
    end 

    def assert_reset_token_passed 
     super 
    end 

    def unlockable?(resource) 
     super 
    end 

end

比,运行色器件

副本生成视图从对routes.rbviews/passwordusers

您可以配置如:

devise_scope :user do 
get '/reset_password' => "passowrdusers#new", :as => :reset_password 
get '/new_password' => "passwordusers#edit", :as => :new_password 
end

编辑链接devise/mailer/reset_password_instructions.html.erb

<p><%= link_to 'Change My Password', new_password_path(@resource, :reset_password_token => @resource.reset_password_token) %></p>

最终,对视图的形式登录添加此

<%= link_to "Forgot Password?", reset_password_url(resource_name) %>

UPDATE上routes.rb

您可以配置如:

devise_scope :user do 
get '/reset_password' => "passowrdusers#new", :as => :reset_password 
get '/new_password' => "passwordusers#edit", :as => :new_password 
post '/send_email' => 'passwordusers#create', :as => :create_password 
put '/change' => 'passwordusers#update', :as => :update_password 
end 


<%= form_for("user", :url => create_password_path(resource_name), :html => { :method => :post }) do |f| %>

views/passwordusers/edit.html.erb

<%= form_for("user", :url => update_password_path(resource_name), :html => { :method => :put }) do |f| %>

来源

2013-04-10 05:38:49

+0

感谢您的回复!这感觉很接近,但我得到一些错误。首先,生成的URL看起来像这个'domain.com/new_password.2?reset_password_token = ...',这不起作用。当我将其更改为'/ new_password/2?...'时,我得到一个'无路由匹配[GET]“/ new_password/2”'错误。在'new.html.erb'形式(例如'<%= form_for(“user”,:url => passwordusers_create_path(resource_name),:html => {:method =>:post})上执行 – 2013-04-10 05:57:24

+0

do | f | %>'? – 2013-04-10 06:16:27

+0

他们是这样的:'<%= form_for(resource,:as => resource_name,:url => password_path(resource_name),:html => {:method =>:post})do | f | %>'。我应该改变他们到你写的东西吗? – 2013-04-10 06:17:50

相关问题

 相关问题