我有一個_form.html.erb部分,將用戶輸入發送到更新方法在控制器需要舊密碼更改新密碼authlogic認證
<div id='myaccount-profile_name_form' class='clearfix'>
<fieldset id="myaccount-profile" class='five columns'>
<ul id="posting_classified_form">
<li>
<%= f.label :first_name %>
<%= f.text_field :first_name, :placeholder => "First Name" %>
</li>
<li>
<%= f.label :last_name %>
<%= f.text_field :last_name %>
</li>
<li>
<%= f.label :email %>
<%= f.text_field :email %>
</li>
<li>
<%= f.label :form_birth_date, "Birthday" %>
<%= f.text_field :form_birth_date, :class => 'ui-yearpicker', :placeholder => "mm/dd/yyyy" %>
</li>
</ul>
</fieldset>
</div>
<div id='myaccount-profile_form' class='clearfix' >
<fieldset id="myaccount-profile-password" class='five '>
<ul id="posting_classified_form">
<li>
<%= f.label :current_password, "Current Password", :placeholder => "We need your current password to confirm your changes", :required => true %>
<%= f.password_field :password %>
</li>
<li>
<%= f.label :password, "New Password" %>
<%= f.password_field :password %>
</li>
<li>
<%= f.label :password_confirmation, "Confirm", :style => "white-space:normal;" %>
<%= f.password_field :password_confirmation %>
</li>
</ul>
</fieldset>
<div class="actions"><%= f.submit 'Update' , :class => 'goButton', :style => 'width:auto;float:right;'%></div>
</div>
這是在控制器編輯/更新方法
def edit
@user = current_user
end
def update
@user = current_user
if @user.valid_password?(params[:user][:current_password])
binding.pry
@user.update_attributes(params[:user])
flash[:notice] = "Successfully updated user."
redirect_to umarket_index_url
else
flash[:notice] = "An error occurred while updating user please try again."
redirect_to umarket_index_url
# render :edit
end
end
我們使用authlogic gem來進行身份驗證。我找到了valid_password?來自authlogic doc。我想讓用戶只有在用戶輸入正確的密碼後才能更改密碼。
服務器日誌看起來是這樣
Started GET "/myaccount/overview/edit" for 127.0.0.1 at 2014-07-03 11:16:07 -0400
Processing by Myaccount::OverviewsController#edit as HTML
User Load (0.5ms) SELECT "users".* FROM "users" WHERE "users"."id" = 6 LIMIT 1
Rendered myaccount/overviews/_form.html.erb (2.7ms)
Rendered myaccount/overviews/edit.html.erb (5.3ms)
Completed 200 OK in 16ms (Views: 5.9ms | ActiveRecord: 0.5ms)
Started PUT "/myaccount/overview" for 127.0.0.1 at 2014-07-03 11:16:14 -0400
Processing by Myaccount::OverviewsController#update as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"b01gMlAQOJpu6Zu+mg+M4v2VYfm0AZvTAfKXa+ArJxU=", "user"=>{"first_name"=>"Judy", "last_name"=>"Ngai", "email"=>"[email protected]", "form_birth_date"=>"[email protected]", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Update"}
User Load (0.6ms) SELECT "users".* FROM "users" WHERE "users"."id" = 6 LIMIT 1
Redirected to http://localhost:3000/umarket
Completed 302 Found in 15ms (ActiveRecord: 0.6ms)
的密碼並沒有得到改變。日誌中沒有錯誤。我不使用authlogic,所以我很困惑。
執行'@ user.update_attributes([:用戶] PARAMS)後'嘗試尋找到'@ user.errors',看看是否有你不需要說任何User.find_by驗證失敗 –