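Hartl's Rails Tutorial - false and "authenticated?" (activation_token)

Dear colleagues,

I'm working through Hartl's Rails Tutorial and have run into a problem I can't solve. I did every step according to the tutorial. Description of the problem:

When doing the exercise "Using the generalized authenticated? method from Listing 11.26, verify that the user is authenticated according to both the remember token and the activation token."

the correct result should look like this:

```
>> User.authenticated (: remember, user.remember_token)
=> True
>> User.authenticated (: activation, user.activation_token)
=> True
```

Meanwhile, in my case, it is: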
```
user = User.create(name: "Test User", email: "[email protected]", password: "foobar", password_confirmation: "foobar")
(0.1ms) begin transaction
User Exists (0.2ms) SELECT 1 AS one FROM "users" WHERE LOWER("users"."email") = LOWER(?) LIMIT ? [["email", "[email protected]"], ["LIMIT", 1]]
SQL (0.3ms) INSERT INTO "users" ("name", "email", "created_at", "updated_at", "password_digest", "activation_digest") VALUES (?, ?, ?, ?, ?, ?) [["name", "Test User"], ["email", "[email protected]"], ["created_at", 2017-02-26 20:36:50 UTC], ["updated_at", 2017-02-26 20:36:50 UTC], ["password_digest", "$2a$10$caQcP8VAQJaUwaFQwOt4j.RadReeSllF5TBEwbvuu1D08.A/LPOlC"], ["activation_digest", "$2a$10$q2aPIqOaNWlZstIsKnCjbev7DqC2UXkRoNTMO3XAvYj3tIcVG40Gy"]]
(41.1ms) commit transaction
=> #<User id: 104, name: "Test User", email: "[email protected]", created_at: "2017-02-26 20:36:50", updated_at: "2017-02-26 20:36:50", password_digest: "$2a$10$caQcP8VAQJaUwaFQwOt4j.RadReeSllF5TBEwbvuu1D...", remember_digest: nil, admin: false, activation_digest: "$2a$10$q2aPIqOaNWlZstIsKnCjbev7DqC2UXkRoNTMO3XAvYj...", activated: false, activated_at: nil>
>> User.authenticated (: activation, user.activation_token)
=> False
```
As a result, I can't activate the user at a later stage.

Can anyone give me the reason?

My files:

user_controller.rb
```ruby
class UsersController < ApplicationController
  before_action :logged_in_user, only: [:index, :edit, :update, :destroy]
  before_action :correct_user, only: [:edit, :update]
  before_action :admin_user, only: :destroy

  def new
    @user = User.new
  end

  def index
    @users = User.paginate(page: params[:page])
  end

  def show
    @user = User.find(params[:id])
  end

  def create
    @user = User.new(user_params)
    if @user.save
      UserMailer.account_activation(@user).deliver_now
      flash[:info] = "Please check your email to activate your account."
      redirect_to root_url
    else
      render 'new'
    end
  end

  def edit
    @user = User.find(params[:id])
  end

  def update
    @user = User.find(params[:id])
    if @user.update_attributes(user_params)
      flash[:success] = "Profile updated"
      redirect_to @user
    else
      render 'edit'
    end
  end

  def destroy
    User.find(params[:id]).destroy
    flash[:success] = "User deleted"
    redirect_to users_url
  end

  private

  def user_params
    params.require(:user).permit(:name, :email, :password,
                                 :password_confirmation,
                                 :admin)
  end

  # Before filters

  # Confirms a logged-in user
  def logged_in_user
    unless logged_in?
      store_location
      flash[:danger] = "Please log in."
      redirect_to login_url
    end
  end

  # Confirms the correct user.
  def correct_user
    @user = User.find(params[:id])
    redirect_to(root_url) unless current_user?(@user)
  end

  # Confirms an admin user.
  def admin_user
    redirect_to(root_url) unless current_user.admin?
  end
end
```

user.erb
```ruby
class User < ApplicationRecord
  attr_accessor :remember_token, :activation_token
  before_save :downcase_email
  before_create :create_activation_digest
  validates :name, presence: true, length: {maximum: 50}
  VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
  validates :email, presence: true, length: {maximum: 255},
                    format: { with: VALID_EMAIL_REGEX},
                    uniqueness: { case_sensitive: false }
  has_secure_password
  validates :password, presence: true, length: {minimum: 6}, allow_nil: true

  # Returns the hash digest of the given string.
  def User.digest(string)
    cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST :
                                                  BCrypt::Engine.cost
    BCrypt::Password.create(string, cost: cost)
  end

  # Returns a random token.
  def User.new_token
    SecureRandom.urlsafe_base64
  end

  def remember
    self.remember_token = User.new_token
    update_attribute(:remember_digest, User.digest(remember_token))
  end

  # Returns true if the given token matches the digest.
  def authenticated?(attribute, token)
    digest = send("#{attribute}_digest")
    return false if digest.nil?
    BCrypt::Password.new(digest).is_password?(token)
  end

  def forget
    update_attribute(:remember_digest, nil)
  end

  private

  # Converts email to all lower-case
  def downcase_email
    email.downcase!
  end

  # Create the token and digest
  def create_activation_digest
    self.activation_token = User.new_token
    self.activation_digest = User.digest(:activation_token)
  end
end
```

account_activations_controller.rb
```ruby
class AccountActivationsController < ApplicationController
  def edit
    user = User.find_by(email: params[:email])
    if user && !user.activated? && user.authenticated?(:activation, params[:id])
      user.update_attribute(:activated, true)
      user.update_attribute(:activated_at, Time.zone.now)
      log_in user
      flash[:success] = "Account activated!"
      redirect_to user
    else
      flash[:danger] = "Invalid activation link"
      redirect_to root_url
    end
  end
end
```

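Hi, welcome to Stack Overflow. To help us understand what's going on here... please give us a link to the section of the Hartl tutorial you are working on. I've searched for the quote you have at the top (starting: 'Using the generalized authenticated? method') and the only page I get from Google is this one...

A few small issues (possibly just typos rather than a real error) with this line of code: 'User.authenticated(:activation, user.activation_token)' 1) are you really typing 'authenticated' or 'authenticated?' (the latter is the real name of the method - it needs the question mark) 2) there should be no space between the ':' and the name of the symbol, e.g. ':activation' not ': activation' 3) likewise there should be no space between the method name and the parentheses, e.g. 'authenticated(' not 'authenticated ('

4) Why are you calling 'authenticated?' on 'User' rather than 'user'? It's an instance method, not a class method, so surely you should be using: 'user.authenticated?(:activation, user.activation_token)' or something like that...?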
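
Added example (not part of the original question or its comments, and not the tutorial's code): the posted `create_activation_digest` passes the Symbol `:activation_token` to `User.digest` rather than the token value, so the stored digest no longer depends on the random token. The sketch reproduces this with a hypothetical `DemoUser` and a salted SHA-256 stand-in, `TokenDigest`, which is an assumption replacing bcrypt so the code runs on the standard library alone.

```ruby
require "securerandom"
require "digest"

# Stand-in for User.digest / BCrypt::Password (assumption: salted SHA-256).
# It converts its input with to_s, which is how a Symbol ends up hashed as its name.
module TokenDigest
  def self.create(secret)
    salt = SecureRandom.hex(8)
    "#{salt}$#{Digest::SHA256.hexdigest(salt + secret.to_s)}"
  end

  def self.match?(digest, token)
    salt, expected = digest.split("$", 2)
    actual = Digest::SHA256.hexdigest(salt + token.to_s)
    # Compare without an early exit on the first differing byte.
    expected.bytes.zip(actual.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end

# Hypothetical model holding only the activation fields from the posted User class.
class DemoUser
  attr_accessor :activation_token, :activation_digest

  def initialize(buggy:)
    self.activation_token = SecureRandom.urlsafe_base64
    # buggy: digest the Symbol :activation_token, as in the posted model.
    # fixed: digest the value returned by the activation_token accessor.
    source = buggy ? :activation_token : activation_token
    self.activation_digest = TokenDigest.create(source)
  end

  def authenticated?(attribute, token)
    digest = send("#{attribute}_digest")
    return false if digest.nil?
    TokenDigest.match?(digest, token)
  end
end

# Constructed demo: check each variant against its real token and the literal name.
def demo
  buggy = DemoUser.new(buggy: true)
  fixed = DemoUser.new(buggy: false)
  {
    buggy_real_token: buggy.authenticated?(:activation, buggy.activation_token),
    buggy_literal:    buggy.authenticated?(:activation, "activation_token"),
    fixed_real_token: fixed.authenticated?(:activation, fixed.activation_token),
    fixed_literal:    fixed.authenticated?(:activation, "activation_token")
  }
end
```

In the buggy variant every user's digest verifies against the same literal string, so a model test asserting that the real token authenticates and a fixed string does not catches this class of mistake.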