7

我的 Rails 应用程序使用设计来处理注册、身份验证等。我正在使用可确认模块。错误是这样的——当用户使用电子邮件注册时,Devise 会发送两封带有不同确认链接的确认电子邮件。一个链接有效,另一个将用户引导至错误页面。

设计吐出与错误相关的消息:“确认令牌无效”并将用户带到重新发送确认电子邮件页面。

我正在使用 heroku 托管并使用 sendgrid 发送电子邮件。更新:该错误也发生在本地主机上。

我不知道这个错误的根源在哪里,这可能比你需要看到的代码更多:


models/user.rb

...

devise :database_authenticatable, :registerable, :omniauthable,
     :recoverable, :rememberable, :trackable, :validatable, 
     :confirmable, :authentication_keys => [:login]

...

## callbacks
after_create :account_created

# called after the account is first created
def account_created

  # check if this activiy has already been created
  if !self.activities.where(:kind => "created_account").blank?
    puts "WARNING: user ##{self.id} already has a created account activity!"
    return
  end

  # update points
  self.points += 50
  self.save

  # create activity
  act = self.activities.new
  act.kind = "created_account"
  act.created_at = self.created_at
  act.save

end

...

def confirmation_required?
  super && (self.standard_account? || self.email_changed)
end

...



控制器/registrations_controller.rb

class RegistrationsController < Devise::RegistrationsController
  def update
    unless @user.last_sign_in_at.nil?

      puts "--------------double checking whether password confirmation is required--"
      ## if the user has not signed in yet, we don't want to do this.

      @user = User.find(current_user.id)
      # uncomment if you want to require password for email change
      email_changed = @user.email != params[:user][:email]
      password_changed = !params[:user][:password].empty?

      # uncomment if you want to require password for email change
      # successfully_updated = if email_changed or password_changed

      successfully_updated = if password_changed
        params[:user].delete(:current_password) if params[:user][:current_password].blank?
        @user.update_with_password(params[:user])
      else
        params[:user].delete(:current_password)
        @user.update_without_password(params[:user])
      end

      if successfully_updated
        # Sign in the user bypassing validation in case his password changed
        sign_in @user, :bypass => true
        if email_changed
          flash[:blue] = "Your account has been updated! Check your email to confirm your new address. Until then, your email will remain unchanged."
        else
          flash[:blue] = "Account info has been updated!"
        end
        redirect_to edit_user_registration_path
      else
        render "edit"
      end
    end
  end
end



控制器/omniauth_callbacks_controller

class OmniauthCallbacksController < Devise::OmniauthCallbacksController

  skip_before_filter :verify_authenticity_token

    def facebook
        user = User.from_omniauth(request.env["omniauth.auth"])
    if user.persisted?
      flash.notice = "Signed in!"

      # if the oauth_token is expired or nil, update it...
      if (DateTime.now > (user.oauth_expires_at || 99.years.ago) )
        user.update_oauth_token(request.env["omniauth.auth"])
      end

      sign_in_and_redirect user
    else
      session["devise.user_attributes"] = user.attributes
      redirect_to new_user_registration_url
    end
    end
end



配置/路由.rb

...

devise_for :users, controllers: {omniauth_callbacks: "omniauth_callbacks", 
                                :registrations => "registrations"}

...

如果需要,我很乐意提供更多信息。我也愿意自定义/覆盖设计邮件行为,但我不知道该怎么做。

非常感谢!

4

3 回答 3

14

解决了!

我能够覆盖 Devise::Mailer 并强制堆栈跟踪以找出导致重复电子邮件的确切原因。Devise::Mailer#confirmation_instructions 被调用了两次,我发现问题出在我的 :after_create 回调上,如下所示:


在模型/user.rb ...

after_create :account_created

# called after the account is first created
def account_created

...

  # update points
  self.points += 50
  self.save

...

end

以某种方式调用 self.save 会导致邮件程序再次被触发。我通过更改添加点的时间来解决问题。我摆脱了 after_create 调用并覆盖了确认!设计方法看起来像这样:

def confirm!
  super
  account_created
end

所以现在用户记录在确认之前不会被修改(加分)。不再有重复的电子邮件!

于 2012-10-25T05:51:24.663 回答
8

我最初选择了 Thomas Klemm 的答案,但是当我有空闲时间试图弄清楚发生了什么,因为感觉不对时,我回去看看这个。

我跟踪了“问题”并注意到它仅发生在您的设计(用户)模型中设置了 :confirmable 并且在设计初始化程序中启用了 reconfirmable 时 - 事后看来这很有意义,因为基本上在 after_create 我们正在改变User 模型,虽然我们没有更改电子邮件地址 - 我怀疑 Devise 可能会这样做,因为该帐户尚未确认,但无论如何,只需调用 self.skip_reconfirmation 即可轻松停止第二封电子邮件!在 after_create 方法中。

我创建了一个带有几个测试的示例 Rails 项目,以确保正确的行为。以下是关键摘录。如果您手头有太多时间,可以在此处查看该项目:https ://github.com/richhollis/devise-reconfirmable-test

应用程序/模型/User.rb

class User < ActiveRecord::Base
  # Include default devise modules. Others available are:
  # :token_authenticatable, :confirmable,
  # :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable, :confirmable

  # Setup accessible (or protected) attributes for your model
  attr_accessible :email, :password, :password_confirmation, :remember_me

  after_create :add_attribute

  private

  def add_attribute
    self.skip_reconfirmation!
    self.update_attributes({ :status => 200 }, :without_protection => true)
  end
end

初始化程序/devise.rb

# Use this hook to configure devise mailer, warden hooks and so forth.
# Many of these configuration options can be set straight in your model.
Devise.setup do |config|

  ..
  ..

  # If true, requires any email changes to be confirmed (exactly the same way as
  # initial account confirmation) to be applied. Requires additional unconfirmed_email
  # db field (see migrations). Until confirmed new email is stored in
  # unconfirmed email column, and copied to email column on successful confirmation.
  config.reconfirmable = true

  ..
  ..

end

规格/模型/user_spec.rb

require 'spec_helper'

describe User do

  subject(:user) { User.create(:email => 'nobody@nobody.com', :password => 'abcdefghijk') }

  it "should only send one email during creation" do
    expect {
      user
    }.to change(ActionMailer::Base.deliveries, :count).by(1)
  end

  it "should set attribute in after_create as expected" do
    user.status.should eq(200)
  end

end

运行 rspec 测试以确保只发送一封电子邮件确认该行为:

..

在 0.87571 秒内完成 2 个示例,0 次失败

于 2013-03-11T18:09:29.940 回答
2

感谢您的出色解决方案,斯蒂芬!我已经尝试过了,它可以完美地融入该confirm!方法。但是,在这种情况下,当用户单击他收到的电子邮件中的确认链接时,将调用该函数(如名称所示)。

另一种方法是挂钩该generate_confirmation_token方法,因此在创建确认令牌并发送电子邮件时直接调用您的方法。

# app/models/user.rb
def generate_confirmation_token
  make_owner_an_account_member
  super # includes a call to save(validate: false), 
        # so be sure to call whatever you like beforehand
end

def make_owner_an_account_member
  self.account = owned_account if owned_account?
end

确认模块的相关来源

于 2013-02-15T19:57:25.183 回答