0

我正在尝试在我的应用程序中实现Railscast #274 ,以便提供密码重置选项。我已经到了可以将我的电子邮件输入到密码重置表单中并收到一封带有重置密码链接的电子邮件的地步。当我输入新密码并尝试保存时,事情开始出错。我最终得到了一个Action Controller:Exception caught. 以下是我给自己发送了一封包含密码重置链接的电子邮件后的日志:

Started GET "/password_resets/new" for 127.0.0.1 at 2012-01-26 00:50:42 -0500
  Processing by PasswordResetsController#new as HTML

单击密码重置链接:

Started GET "/password_resets/qlslPnuOhdyMCNseMnV3bA/edit" for 127.0.0.1 at 2012-01-26 00:51:08 -0500
  Processing by PasswordResetsController#edit as HTML
  Parameters: {"id"=>"qlslPnuOhdyMCNseMnV3bA"}

添加新的 :password 和 :password_confirmation 会产生错误:

Started POST "/password_resets/qlslPnuOhdyMCNseMnV3bA" for 127.0.0.1 at 2012-01-26 00:53:08 -0500
  Processing by PasswordResetsController#update as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"2egfT2lr35FhuVPWDB72vcS2zPlqC75tcyctRp61ZHw=", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "commit"=>"Update Password", "id"=>"qlslPnuOhdyMCNseMnV3bA"}

Started GET "/profiles/qlslPnuOhdyMCNseMnV3bA" for 127.0.0.1 at 2012-01-26 00:53:09 -0500
  Processing by ProfilesController#show as HTML
  Parameters: {"id"=>"qlslPnuOhdyMCNseMnV3bA"}

  Profile Load (0.9ms)  SELECT "profiles".* FROM "profiles" WHERE "profiles"."id" = 'qlslPnuOhdyMCNseMnV3bA' LIMIT 1
PGError: ERROR:  invalid input syntax for integer: "qlslPnuOhdyMCNseMnV3bA"
LINE 1: ...ofiles".* FROM "profiles" WHERE "profiles"."id" = 'qlslPnuOh...
                                                             ^
: SELECT  "profiles".* FROM "profiles" WHERE "profiles"."id" = 'qlslPnuOhdyMCNseMnV3bA' LIMIT 1
Completed   in 57ms

ActiveRecord::StatementInvalid (PGError: ERROR:  invalid input syntax for integer: "qlslPnuOhdyMCNseMnV3bA"
LINE 1: ...ofiles".* FROM "profiles" WHERE "profiles"."id" = 'qlslPnuOh...
                                                         ^
: SELECT  "profiles".* FROM "profiles" WHERE "profiles"."id" = 'qlslPnuOhdyMCNseMnV3bA' LIMIT 1):
  app/controllers/profiles_controller.rb:41:in `show'

在profiles_controller.rb:41 中show

def show
  @profile = Profile.find(params[:id])
  @user = User.find(@profile.user_id)
  ..
end

在这样做之前,我转储了我的数据库,运行了rake:db create,然后rake:db migrate重新播种了数据库。这可能是因为我没有运行脚本来为现有用户提供密码重置令牌吗?

更新:包括password_resets_controller.rb

类 PasswordResetsController < ApplicationController def new end

  def create
    @user = @User.find_by_email(params[:email])
    if user
      user.send_password_reset
      redirect_to new_password_reset_path, :notice => "Check your email for password reset instructions."
    else
      redirect_to new_password_reset_path, :notice => "Sorry, we couldn't find that email. Please try again."
    end
  end

  def edit
    @user = User.find_by_password_reset_token!(params[:id])
  end

  def update
    @user = User.find_by_password_reset_token!(params[:id])
    if @user.password_reset_sent_at < 2.hours.ago
      redirect_to new_password_reset_path, :alert => "Your password reset link has expired."
    elsif @user.update_attributes(params[:user])
      redirect_to profile_path, :notice => "Great news: Your password has been reset."
    else
      render :edit
    end
  end
end
4

1 回答 1

1

看起来问题出在您的PasswordResetsController#update

def update
  @user = User.find_by_password_reset_token!(params[:id])
  if @user.password_reset_sent_at < 2.hours.ago
    redirect_to new_password_reset_path, :alert => "Your password reset link has expired."
  elsif @user.update_attributes(params[:user])
    redirect_to profile_path, :notice => "Great news: Your password has been reset."
  else
    render :edit
  end
end

redirect_to profile_path特别的。

如果您查看日志,您将看到以下序列:

POST "/password_resets/qlslPnuOhdyMCNseMnV3bA"
GET  "/profiles/qlslPnuOhdyMCNseMnV3bA"

并且路线应该是/password_resets/:id/profiles/:id/password_resets想要'qlslPnuOhdyMCNseMnV3bA'令牌但想要用户的/profiles数字 ID。

回到控制器,我们看到:

redirect_to profile_path, :notice => "Great news: Your password has been reset."

您没有告诉profile_path使用哪个用户,因此显然它正在抓取params[:id]构建不正确的/profiles/qlslPnuOhdyMCNseMnV3bAURL。尝试告诉profile_path哪个用户使用这样的东西:

redirect_to profile_path(@user), :notice => "Great news: Your password has been reset."
于 2012-01-26T23:18:26.637 回答