Rails 3.2 Omniauth設計 - 添加密碼 - 跳過當前密碼

Question

我使用的是Omniauth，允許用戶通過Facebook，Twitter和Google登錄（並創建一個帳戶）。

但是，如果用戶決定不再使用這些服務，但繼續使用他們的帳戶，他們會想要添加密碼。

---

我怎麼可以讓用戶將其帳戶添加密碼，而無需輸入current password *

---

當我就讓用戶去到edit_user_registration_path(@user)，他們看到下面的表格？

= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put, name: 'validation'}) do |f| 
    = devise_error_messages! 

    = f.label :email, class: 'block' 
    = f.email_field :email, class: 'large' 
    %span.infobar Keep this here unless you'd like to change your email 

    = f.label :password, class: 'block' 
    = f.password_field :password, class: 'large' 
    %span.infobar Leave blank if you don't want to change it 

    = f.label :password_confirmation, class: 'block' 
    = f.password_field :password_confirmation, class: 'large' 

    - if @user.password_required? 
    = f.label :current_password, class: 'block' 
    = f.password_field :current_password, class: 'large' 
    %span.infobar We need your current password to confirm changes 

    = f.submit "Update" 

user.rb

def password_required? 
    (authentications.empty? || !password.blank?) && super 
end 

正如你所看到的，我已經這樣如果@user.password_required?，那麼顯示當前的密碼字段。即使嘗試爲帳戶創建新密碼時未顯示此字段，表單也不會正確驗證，因爲需要當前密碼。

Answer 1

我只是改寫了RegistrationsController＃更新方法：

class RegistrationsController < Devise::RegistrationsController 
    def update 
    # Override Devise to use update_attributes instead of update_with_password. 
    # This is the only change we make. 
    if resource.update_attributes(params[resource_name]) 
     set_flash_message :notice, :updated 
     # Line below required if using Devise >= 1.2.0 
     sign_in resource_name, resource, :bypass => true 
     redirect_to after_update_path_for(resource) 
    else 
     clean_up_passwords(resource) 
     render_with_scope :edit 
    end 
    end 
end 

來源：How To: Allow users to edit their account without providing a password