禁止密碼重置時的間隙失敗

Question

我正在使用許可並喜歡它，但我在重置密碼時遇到了問題。我輸入我的電子郵件來重置密碼，該密碼有效，但當我嘗試使用重置令牌導航到編輯密碼頁面時，出現禁止閃存錯誤時出現故障「請仔細檢查URL或嘗試再次提交表單「它將我重新導向回去。我在測試中遇到同樣的錯誤。

我認爲這與我的before_action語句有關，但我不知道如何解決它們。我研究瞭如this這樣的問題無濟於事。

我敢肯定這是一個愚蠢的問題，但我是新的，所以我非常感謝任何幫助。請讓我知道這是不是足夠的代碼。

class UsersController < Clearance::UsersController 
    before_action :require_login, only: [:create] # does this need to be in both user controllers? 

    ... 

    def user_params 
    params.require(:user) 
    end 
end 

這裏是間隙控制器。

class Clearance::UsersController < ApplicationController 
before_action :require_login, only: [:create] 
require 'will_paginate/array' 

    def new 
    @user = user_from_params 
    render template: 'users/new' 
    end 

    def create 
    @user = user_from_params 
    @user.regenerate_password 

    if @user.save 
     sign_in @user unless current_user 
     UserMailer.welcome_email(@user).deliver! 
     redirect_to users_path 
    else 
     render template: 'users/new' 
    end 
    end 

    def edit 
    @user = User.friendly.find(params[:id]) 
    end 

    def update 
    @user = User.friendly.find(params[:id]) 
    if @user.update(permit_params) 
     redirect_to @user 
     flash[:success] = "This profile has been updated." 
    else 
     render 'edit' 
    end 
    end 

private 

def avoid_sign_in 
    redirect_to Clearance.configuration.redirect_url 
end 

def url_after_create(user) 
    dashboards_path(user) 
end 

def user_from_params 
user_params = params[:user] || Hash.new 
is_public = check_public_params(user_params) 

first_name = user_params.delete(:first_name) 
last_name = user_params.delete(:last_name) 
email = user_params.delete(:email) 
password = user_params.delete(:password) 
parish = user_params.delete(:parish) 
division = user_params.delete(:division) 
admin = user_params.delete(:admin) 

Clearance.configuration.user_model.new(user_params).tap do |user| 
    user.first_name = first_name 
    user.last_name = last_name 
    user.password = password 
    user.email = email 
    user.is_public = is_public 
    user.parish_id = parish.to_i 
    user.division = division 
    user.admin = admin 
end 
end 

def permit_params 
    params.require(:user).permit(:first_name, :last_name, :email, :password, :is_public, :parish_id, :division, :admin) 
    end 
end 

編輯：routes.rb中的相關部分

Rails.application.routes.draw do 
    resources :passwords, controller: "clearance/passwords", only: [:create, :new] 
    resource :session, controller: "clearance/sessions", only: [:create] 

    resources :users, controller: "clearance/users", only: [:create] do 
    resource :password, 
     controller: "clearance/passwords", 
     only: [:create, :edit, :update] 
    end 

    get "/sign_in" => "clearance/sessions#new", as: "sign_in" 
    delete "/sign_out" => "clearance/sessions#destroy", as: "sign_out" 
    get "/sign_up" => "clearance/users#new", as: "sign_up" 
    constraints Clearance::Constraints::SignedOut.new do 
    root to: 'high_voltage/pages#show', id: 'landing' 
    end 

    constraints Clearance::Constraints::SignedIn.new do 
    # root to: 'dashboards#index', as: :signed_in_root 
    root to: 'high_voltage/pages#show', id: 'parish_dashboard', as: :signed_in_root 
    end 

    # constraints Clearance::Constraints::SignedIn.new { |user| user.admin? } do 
    # root to: 'teams#index', as: :admin_root 
    # end 

    resources :users do 
    collection { post :import } 
    end 

Answer 1

原來有，我找到密碼重置鏈接的用戶實例的方式之間的衝突。通過簡單的使用@user找到用戶，但由於我使用的是FriendlyId，我需要將其更改爲@user.id。

所以不是...

<%= link_to 'Change My Password', edit_user_password_url(@user, token: @user.confirmation_token.html_safe) %> 

我做

<%= link_to 'Change My Password', edit_user_password_url(@user.id, token: @user.confirmation_token.html_safe) %> 

感謝，Thoughbot，爲這個偉大的寶石！