我希望用户在“激活”或使用电子邮件/密码登录之前单击激活链接。
我没有使用宝石,并希望保持这种状态。我的问题是用户注册后,无需点击激活码就可以登录。我有一条确认标记线和一条已确认的模型线。
用户控制器:
def create
@user = User.new(params[:user])
if @user.save
render "root_path"
else
render "new"
end
end
def confirmed
user = User.find(:first, :conditions => {:confirmation_token => params[:confirmation_token]})
if (!params[:confirmation_token].blank?) && user && !user.confirmed?
user.confirmed!
self.current_user = user
flash[:notice] = "Thank you. You account is now activated."
redirect_to account_preference_path(current_user)
else
flash[:notice] = "Sorry we don't have your email in our database."
redirect_to root_path
end
结尾
用户模型:
def confirmed!
self.confirmed = true
self.confirmation_token = nil
save(false)
end
我错过了什么吗?谢谢!
我知道那里有 devise、auth-logic 等宝石,但我想学习如何从头开始编写它。谢谢。
编辑:
会话控制器
def create
user = User.authenticate(params[:email], params[:password])
if user && user.confirmed == true
cookies.permanent.signed[:remember_token]
redirect_to account_path(user.id), :notice => "Welcome, #{user.first_name}"
else
flash.now.alert = "Invalid email or password."
render "new"
end
end