0

我正在尝试更新个人资料页面上的用户密码。为了给您提供上下文,用户将单击其个人资料页面上的“更改密码”链接,然后将显示带有 bootstrap_form_for 的模式,要求确认旧密码、输入新密码和确认新密码。

目前,我的方法成功通过了,但是数据库中的密码没有被更改。我没有使用设计,这是从头开始完成的。

理想情况下,我想确保正确验证旧密码,然后在数据库中更新新密码。

我在用户控制器中留下了一些注释掉的代码,因此您可以看到我一直在尝试的一些内容。

请指教!谢谢!

路线

resources :users do
  member do
    get :confirm_email
  end
end

get 'change_password' => 'users#change_password'
patch 'change_password' => 'users#change_password'

用户控制器:

def update
  @user = User.find(@current_user)
  User.update(@user, edit_user_params)
  @user.save
  redirect_to user_path
end

def change_password
  @user = User.find(@current_user)
  current_password = params[:user][:current_password]
  user = User.authenticate(@user.email, current_password)
  if @user && user
    # @user.update.password = params[:new_password]
    # new_password = params[:password]
    # @user.update(new_password)
    User.update(@user, change_password_params)
    @user.save
    flash[:success] = "Password successfully changed!"
    redirect_to user_path(@current_user)
  else
    flash[:danger] = "Your old password was incorrect. Please try again."
    redirect_to user_path(@current_user)
  end
end

private

def user_params
  params.require(:new_user).permit(:name,:email,:password)
end

def edit_user_params
  params.require(:user).permit(:name,:email,:password,:city,:state_id,:country_id,:about)
end

def change_password_params
  params.require(:user).permit(:password)
end

edit.html.erb(模态部分)

<!-- Change Password Modal -->

<div id="changepasswordmodal" class="modal fade" tabindex="-1" role="dialog">
    <div class="modal-dialog">
        <div class="modal-content">
            <div class="modal-header">
                <button type="button" class="close" data-dismiss="modal">×</button>
                  <h3 class="">Change Password</h3>
            </div>
            <div class="modal-body">
              <%= bootstrap_form_for @user, url: change_password_path do |p| %>
              <%= p.password_field :current_password, hide_label: true, placeholder: "Enter your Old Password", class: "input-lg required" %>
              <%= p.password_field :password, hide_label: true, placeholder: "Enter a New Password", class: "input-lg required" %>
              <%= p.password_field :password_confirmation, hide_label: true, placeholder: "Confirm New Password", class: "input-lg required"%>

              <%= p.submit "Change Password", :class=> "btn btn-primary" %>
              <% end %>
            </div>
        </div>
    </div>
</div>

用户模型(仅相关部分)

class User < ActiveRecord::Base
  has_secure_password

  before_create :confirmation_token

  belongs_to :state
  belongs_to :country
  belongs_to :account_type

  has_many :authentications

  validates :email,
    presence: true,
    uniqueness: {case_sensitive: false},
    format: { with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i, on: :create }

  validates :password,
    presence: true,
    :on => :create


  def self.authenticate email, password
    User.find_by_email(email).try(:authenticate, password)
  end

end
4

1 回答 1

1

想了很久才发现问题:

def change_password
  @user = User.find(@current_user)
  current_password = params[:user][:current_password]
  user = User.authenticate(@user.email, current_password)
  if @user && user
    # @user.update.password = params[:new_password]
    # new_password = params[:password]
    # @user.update(new_password)
    user.update_attribute(password: params[:user][:current_password])
    flash[:success] = "Password successfully changed!"
    redirect_to user_path(@current_user)
  else
    flash[:danger] = "Your old password was incorrect. Please try again."
    redirect_to user_path(@current_user)
  end
end

有很多方法可以更新数据。您可以看一下更新属性的不同方式。我更愿意选择 update_attribute 因为在这种情况下我们不必验证另一个字段。查看update_attribute 描述如何。您必须删除@user.save,因为 update_attribute 已经保存了它。希望,它可以帮助你。

于 2015-09-20T07:57:15.357 回答