我有以下 form_for 来重置密码。
<% provide(:title, "Reiniciar Password") %>
<%= form_for(@user, :url => password_reset_path(params[:id]) ) do |f| %>
<%= render 'shared/error_messages'%>
<div class="row">
<div class="span4">
 
</div>
<div class="span4" id="login-box">
<div id="login-controls">
<%= link_to(image_tag("logo.png"), root_path) %>
<br>
<br>
<%= f.password_field :password, :placeholder => "Contrasena", :tabindex => 1, :style => "height:25px;" %>
<%= f.password_field :password_confirmation, :placeholder => "Contrasena", :tabindex => 2, :style => "height:25px;" %>
<%= f.button "<i class=\"icon-lock icon-white\"></i> Actualizar Password".html_safe, :tabindex => 2, class: "btn btn-warning", :style => "width:220px;margin-bottom:5px;" %>
<% end %>
</div>
</div>
<div class="span4">
</div>
</div>
一切正常,执行验证,如果您按下按钮而没有在密码和密码确认字段中输入任何内容,控制器将使用空白密码重置密码。在我的模型中,我对密码和密码确认进行了验证,并且在您创建新用户时它可以工作,但我不知道为什么在这种形式中重置密码它不起作用。
这是模型
class User < ActiveRecord::Base
attr_accessible :email, :password, :password_confirmation
has_secure_password
before_save { |user| user.email = email.downcase }
before_save :create_remember_token
VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: { case_sensitive: false }
validates :password, presence: true, length: { minimum: 6 }, confirmation: true, unless: Proc.new { |a| !a.new_record? && a.password.blank? }
def send_password_reset
self.password_reset_token = SecureRandom.urlsafe_base64
self.password_reset_at = Time.zone.now
save!
UserMailer.password_reset(self).deliver
end
def reset_password_token
self.password_reset_token = nil
self.password_reset_at = nil
save!
end
private
def create_remember_token
self.remember_token = SecureRandom.urlsafe_base64
end
end
感谢您的帮助。
更新
这是控制器
class PasswordResetsController < ApplicationController
layout "sessions"
def new
end
def create
user = User.find_by_email!(params[:password_resets][:email] )
user.send_password_reset if user
redirect_to root_url, :notice => "Las instrucciones para reestrablecer la contrasena fueron enviadas."
end
def edit
@user = User.find_by_password_reset_token!(params[:id])
end
def update
@user = User.find_by_password_reset_token!(params[:id])
if @user.password_reset_at < (2.hours.ago).to_date
redirect_to new_password_reset_path, :alert => "El link para actualizar la contrasena ha expirado."
elsif @user.update_attributes(params[:user])
@user.reset_password_token
redirect_to root_url, :notice => "La contrasena ha sido cambiada."
else
render :edit
end
end
end