ruby-on-rails - 修改用户更新功能以在允许更改用户密码之前要求并验证当前密码

Question

我上面提到的标题是我的任务。当用户输入他当前的密码时，它显示错误，密码不匹配。如何检索当前密码进行比较？我的views/users/_form.html.erb 中的代码如下

     <fieldset>
      <legend>Enter User Details</legend>
      <div>
      <%= f.label :name %>:
        <%= f.text_field :name, :size => 40 %>
        </div>
          <% if params[:action ]== "edit" || params[:action]== "update" %>
    <div>
         <%= f.label :current_password, :class => "long_label" %><br />:
        <%= f.password_field :current_password, :size => 40 %>
         </div>
    <% end %>
   <div>
     <%= f.label :password, 'Password' %>:
   <%= f.password_field :password, :size => 40 %>
   </div>
    <div>
    <%= f.label :password_confirmation, 'Confirm' %>:
    <%= f.password_field :password_confirmation, :size => 40 %>
   </div>
    <div>
     <%= f.submit %>
       </div>
     </fieldset>

我的更新控制器中的代码是

        def update
        @user = User.find(params[:id])
      if @user.authenticate(params[:user][:current_password])
       cp = params[:user].delete('current_password')
    @user.errors.add(:current_password, 'is not correct') unless @user.authenticate(cp)
respond_to do |format|
if @user.errors.empty? and @user.update_attributes(params[:user])

    format.html { redirect_to user_url, :notice => 'Successfully updated.' }
    format.json { head :no_content }
  else
    format.html { render :action => "edit" }
    format.json { render :json => @user.errors, :status => :unprocessable_entity }
  end
end
end

我的用户模型中的代码如下

       class User < ActiveRecord::Base
            attr_accessible :name, :password_digest, :password, :password_confirmation,    :current_password
       # attr_accessor :password validates :name, :presence => true, :uniqueness => true

          #validates :current_password, :presence => true
          validates :password, :presence =>true
          validates_confirmation_of :password, :presence => true
           has_secure_password 
      after_destroy :ensure_an_admin_remains
      private
     def ensure_an_admin_remains
      if User.count.zero?
         raise "Can't delete last user"
     end
       end

    end

这是正确的方法吗？如何编写条件以检查以前的密码？它正在询问模板是否有错误。据我所知，错误不需要模板..但这里是问你我不知道！任何帮助肯定会受到赞赏！

Answer 1

<%= f.password_field :currnet_password, :size => 40 %>

错字？尝试:current_password代替:currnet_password