2

我是 Rails 新手,我想从头开始注册登录并忘记密码功能,所以我一直在关注 railscast 250 和 274 集..所以问题是,密码和密码确认字段的验证在注册时工作正常表单,但在重置密码表单上,这些验证根本不起作用..代码如下

模型:

    class User < ActiveRecord::Base
      attr_accessible :email, :password, :password_confirmation, :signup_token
      attr_accessor :password
      before_save :encrypt_password
      before_create {generate_token(:auth_token)}
      before_create {generate_token(:signup_token)}
      validates :password, length: {minimum: 8}, confirmation: true, presence: true,:on       => :create
      validates :email, presence: true, uniqueness: true
      validates :email, format: {with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i, message: "not valid"}

      def generate_token(column)
        begin
          self[column] = SecureRandom.urlsafe_base64         
        end while User.exists?(column => self[column])
      end

      def self.authenticate(email, password)
        user = find_by_email(email)
        if user && user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt) && user.active == true
          user
        else
          nil
        end
     end

     def encrypt_password
       if password.present?
         self.password_salt = BCrypt::Engine.generate_salt
         self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
       end
     end

      def send_password_reset
        generate_token(:password_reset_token)
        self.password_reset_sent_at = Time.zone.now
        save!
        UserMailer.password_reset(self).deliver
      end
    end

密码重置控制器:

    class PasswordResetsController < ApplicationController
      def new
      end

      def create
    user = User.find_by_email(params[:email])
    user.send_password_reset if user
    redirect_to root_url, :notice => "Email sent with password reset instructions."
      end

      def edit
    @user = User.find_by_password_reset_token!(params[:id])
      end

      def update
        @user = User.find_by_password_reset_token!(params[:id])
        if @user.password_reset_sent_at < 2.hours.ago
          redirect_to new_password_reset_path, :alert => "Password reset has expired."
        elsif @user.update_attributes(params[:user])
          redirect_to root_url, :notice => "Password has been reset."
        else
          render :edit
        end
      end
     end

密码重置下的视图为new.html.erb:

    <h1>Reset Password</h1>

    <%= form_tag password_resets_path, :method => :post do %>
      <div class="field">
        <%= label_tag :email %>
        <%= text_field_tag :email, params[:email] %>
      </div>
      <div class="actions"><%= submit_tag "Reset Password" %></div>
    <% end %>

编辑.html.erb:

    <h1>Reset Password</h1>

    <%= form_for @user, :url => password_reset_path(params[:id]) do |f| %>
      <% if @user.errors.any? %>
        <div class="error_messages">
          <h2>Form is invalid</h2>
          <ul>
            <% for message in @user.errors.full_messages %>
              <li><%= message %></li>
            <% end %>
          </ul>
        </div>
      <% end %>
      <div class="field">
        <%= f.label :password %>
        <%= f.password_field :password %>
      </div>
      <div class="field">
        <%= f.label :password_confirmation %>
        <%= f.password_field :password_confirmation %>
      </div>
      <div class="actions"><%= f.submit "Update Password" %></div>
    <% end %>
4

0 回答 0