1

我花了一段时间尝试并寻找调试此问题的答案。

我正在关注Railscast 250(从头开始验证),它适用于 Rails 4 上的 Rails 3。显然,我认为我已经使用常用方法解决了强参数问题。我目前收到此错误:

#User:0xb640d880 的未定义方法“密码”

提取的源代码(第 32 行附近):respond_to do |format|

 if @user.save
   format.html { redirect_to @user, notice: 'User was successfully created.' }
   format.json { render action: 'show', status: :created, location: @user }
 else

我知道控制器可以访问密码属性,但由于某种原因,即使我正在验证模型中是否存在 :password,模型也无法访问。

用户.rb

class User < ActiveRecord::Base
before_save :encrypt_password
validates_confirmation_of :password
validates_presence_of :password, :on => :create
validates_presence_of :email
validates_uniqueness_of :email

def encrypt_password
    if password.present?
        self.password_salt = BCrypt::Engine.generate_salt
        self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
    end
end
end

users_controller.rb

class UsersController < ApplicationController
  before_action :set_user, only: [:show, :edit, :update, :destroy]

  # GET /users
  # GET /users.json
  def index
    @users = User.all
  end

  # GET /users/1
  # GET /users/1.json
  def show
  end

  # GET /users/new
  def new
    @user = User.new
  end

  # GET /users/1/edit
  def edit
  end

  # POST /users
  # POST /users.json
  def create
    logger.warn user_params[:password]
    @user = User.new(email: user_params[:email], password_hash: user_params[:password_hash], password_salt: user_params[:password_salt])

respond_to do |format|
  if @user.save
    format.html { redirect_to @user, notice: 'User was successfully created.' }
    format.json { render action: 'show', status: :created, location: @user }
  else
    format.html { render action: 'new' }
    format.json { render json: @user.errors, status: :unprocessable_entity }
  end
end
  end

  # PATCH/PUT /users/1
  # PATCH/PUT /users/1.json
  def update
        respond_to do |format|
          if @user.update(user_params)
           format.html { redirect_to @user, notice: 'User was successfully updated.' }
            format.json { head :no_content }
          else
            format.html { render action: 'edit' }
            format.json { render json: @user.errors, status: :unprocessable_entity }
          end
        end
  end

  # DELETE /users/1
  # DELETE /users/1.json
 def destroy
    @user.destroy
    respond_to do |format|
      format.html { redirect_to users_url }
      format.json { head :no_content }
    end
  end
  private

    # Use callbacks to share common setup or constraints between actions.
    def set_user
      @user = User.find(params[:id])
    end

    # Never trust parameters from the scary internet, only allow the white list through.
    def user_params
      params.require(:user).permit(:email, :password_hash, :password_salt, :password)
    end
end

_form.html.erb(视图)

<%= form_for(@user) do |f| %>
    <% if @user.errors.any? %>
      <div id="error_explanation">
        <h2><%= pluralize(@user.errors.count, "error") %> prohibited this user from being saved:</h2>

        <ul>
    <% @user.errors.full_messages.each do |msg| %>
      <li><%= msg %></li>
    <% end %>
    </ul>
  </div>
<% end %>

<div class="field">
  <%= f.label :email %><br>
  <%= f.text_field :email %>
</div>
<div class="field">
  <%= f.label :password %><br>
  <%= f.password_field :password %>
</div>
<div class="field">
  <%= f.label :password %><br>
  <%= f.password_field :password %>
</div>
<div class="actions">
  <%= f.submit %>
</div>
  <% end %>

谢谢你的帮助!

4

2 回答 2

1

我已经创建了一个用户认证的示例项目,所以请检查它。

用户控制器.rb

class UsersController < ApplicationController

  def new
    @user = User.new
  end

  def create

    @user = User.new(user_params)
    #raise params.inspect
    if @user.save
      redirect_to root_url, :notice => "Signed up!"
    else
      render "new"
    end
  end

  private
  def user_params
    params.require(:user).permit(:email, :password_hash, :password_salt, :password)
  end

end

新的.html.erb

<h1>Sign Up</h1>

<%= form_for @user do |f| %>
  <% if @user.errors.any? %>
    <div class="error_messages">
      <h2>Form is invalid</h2>
      <ul>
        <% for message in @user.errors.full_messages %>
          <li><%= message %></li>
        <% end %>
      </ul>
    </div>
  <% end %>
  <p>
    <%= f.label :email %><br />
    <%= f.text_field :email %>
  </p>
  <p>
    <%= f.label :password %><br />
    <%= f.password_field :password %>
  </p>
  <p>
    <%= f.label :password_confirmation %>
    <%= f.password_field :password_confirmation %>
  </p>
  <p class="button"><%= f.submit %></p>
<% end %>

用户.rb

class User < ActiveRecord::Base
  attr_accessor :password
  before_save :encrypt_password


  validates_confirmation_of :password
  #validates_presence_of :password, :on => :create
  validates_presence_of :email
  validates_uniqueness_of :email

  def encrypt_password
    #raise password.inspect
    if password.present?
      self.password_salt = BCrypt::Engine.generate_salt
      self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
    end
  end
end

上面的代码工作正常。

于 2013-10-08T07:51:04.890 回答
0

您的模型缺少密码的 attr_accessor。由于您的表中没有密码列,但仍需要接收密码属性(因此您可以使用盐对其进行处理,然后将其转换为哈希),因此您需要此访问器。

在你的用户模型中添加这个:

attr_accessor :password

编辑:就像 Amit Sharma 在他的演示中指出的那样。

于 2013-10-30T13:51:15.497 回答