需要旧密码才能更改新密码 authlogic 身份验证

【问题标题】:Require old password to change new password authlogic authentication需要旧密码才能更改新密码 authlogic 身份验证
【发布时间】:2014-07-03 15:15:52
【问题描述】:

我有一个 _form.html.erb 部分,它将用户输入发送到控制器中的更新方法

<div id='myaccount-profile_name_form' class='clearfix'>
  <fieldset id="myaccount-profile" class='five columns'>
     <ul id="posting_classified_form">
       <li>
         <%= f.label :first_name %>
         <%= f.text_field :first_name, :placeholder => "First Name" %>
        </li>
        <li>
          <%= f.label :last_name %>
          <%= f.text_field :last_name %>
        </li>
        <li>
          <%= f.label :email %>
          <%= f.text_field :email %>
        </li>
        <li>
          <%= f.label :form_birth_date, "Birthday" %>
          <%= f.text_field :form_birth_date, :class => 'ui-yearpicker', :placeholder => "mm/dd/yyyy" %>
        </li>
     </ul>
  </fieldset>
</div>
<div id='myaccount-profile_form' class='clearfix' >
  <fieldset id="myaccount-profile-password" class='five '>
    <ul id="posting_classified_form">
      <li>
        <%= f.label :current_password, "Current Password", :placeholder => "We need your current password to confirm your changes", :required => true %>
        <%= f.password_field :password %>
      </li>
      <li>
        <%= f.label :password, "New Password" %>
        <%= f.password_field :password %>
      </li>
      <li>
        <%= f.label :password_confirmation, "Confirm", :style => "white-space:normal;" %>
        <%= f.password_field :password_confirmation %>
      </li>
    </ul>
  </fieldset>
  <div class="actions"><%= f.submit 'Update' , :class => 'goButton', :style => 'width:auto;float:right;'%></div>
</div>

这是控制器中的编辑/更新方法

  def edit
    @user = current_user
  end

  def update
    @user = current_user
    if @user.valid_password?(params[:user][:current_password])
      binding.pry
      @user.update_attributes(params[:user])
      flash[:notice]  = "Successfully updated user."
      redirect_to umarket_index_url
    else
      flash[:notice]  = "An error occurred while updating user please try again."
      redirect_to umarket_index_url
 #     render :edit
    end
  end

我们正在使用 authlogic gem 进行身份验证。我找到了valid_password?来自 authlogic 文档。我想让用户只有在用户输入正确的密码后才能更改密码。

服务器日志如下所示

Started GET "/myaccount/overview/edit" for 127.0.0.1 at 2014-07-03 11:16:07 -0400
Processing by Myaccount::OverviewsController#edit as HTML
  User Load (0.5ms)  SELECT "users".* FROM "users" WHERE "users"."id" = 6 LIMIT 1
  Rendered myaccount/overviews/_form.html.erb (2.7ms)
  Rendered myaccount/overviews/edit.html.erb (5.3ms)
Completed 200 OK in 16ms (Views: 5.9ms | ActiveRecord: 0.5ms)


Started PUT "/myaccount/overview" for 127.0.0.1 at 2014-07-03 11:16:14 -0400
Processing by Myaccount::OverviewsController#update as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"b01gMlAQOJpu6Zu+mg+M4v2VYfm0AZvTAfKXa+ArJxU=", "user"=>{"first_name"=>"Judy", "last_name"=>"Ngai", "email"=>"judy.ngai1228@gmail.com", "form_birth_date"=>"spree@example.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Update"}
  User Load (0.6ms)  SELECT "users".* FROM "users" WHERE "users"."id" = 6 LIMIT 1
Redirected to http://localhost:3000/umarket
Completed 302 Found in 15ms (ActiveRecord: 0.6ms)

密码未更改。日志中没有错误。我不使用 authlogic 所以我很困惑。

【问题讨论】:

  • 在执行@user.update_attributes(params[:user]) 后尝试查看@user.errors 以查看是否有任何验证失败

标签: ruby-on-rails authlogic


【解决方案1】:

我对您的代码感到错误的是您是 current_password 并且新密码字段具有相同的名称,在您的情况下为 user['password']。尝试更改下面代码中指定的名称。我已经粘贴了操作和视图代码供您参考。

注意:Params 是一个哈希,它不能重复相同的键,这是您尝试做的。只需更改名称,它应该可以正常工作。

这里是代码

def update_password  
  redirect_to user_path, alert: 'The current password you entered is not correct!' and return unless current_user.valid_password?(params[:user][:current_password], true)

  current_user.password = params[:user][:password]
  current_user.password_confirmation = params[:user][:password_confirmation]
  if current_user.save
    redirect_to user_path, notice: 'Your password has been updated'
  else
    redirect_to user_path, alert: current_user.errors.to_a.join("<br>")
  end
end

表格是这样的

%div{style: "display: none;", class: "updatePassWord curved curved-sm"}
= form_for current_user, url: update_password_user_path, html: {id: 'changePassForm'}, method: :put do |f|
  .row{:class => "form-group"}
    = f.password_field :current_password, class: "input-sm required passwordValidator", placeholder: "#{t('form_placeholder.current_password')}"
  .row{:class => "form-group"}
    = f.password_field :password, class: "input-sm required passwordValidator", placeholder: "#{t('form_placeholder.new_password')}"
  .row{:class => "form-group"}
    = f.password_field :password_confirmation, class: "input-sm required passwordValidator", placeholder: "#{t('form_placeholder.password_confirmation')}"
  .row{:class => "form-group"}
    = f.submit "Update My Password", class: "btn btn-success btn-cons submit"

如果有帮助请告诉我

【讨论】:

    猜你喜欢
    • 2013-03-26
    • 1970-01-01
    • 2020-03-26
    • 1970-01-01
    • 2014-07-27
    • 1970-01-01
    • 2015-07-23
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode