Ruby on rails 在没有密码的情况下更新密码会导致设备丢失密码验证
假设我的当前密码是1234,它必须至少有4个字符长 我在表单中有3个输入字段:Ruby on rails 在没有密码的情况下更新密码会导致设备丢失密码验证,ruby-on-rails,validation,ruby-on-rails-4,devise,Ruby On Rails,Validation,Ruby On Rails 4,Devise,假设我的当前密码是1234,它必须至少有4个字符长 我在表单中有3个输入字段: new password new password confirmation current password 当我使用用密码更新\u时和输入 new password: 5678 new password confirmation: 5678 current paswword: 1234 它更新成功 例如,如果我使用 new password: 12 new password confirmation: 23
new password
new password confirmation
current password
用密码更新\u时new password: 5678
new password confirmation: 5678
current paswword: 1234
new password: 12
new password confirmation: 23
current password: 1234
update\u而不使用密码时current password字段new password: 12
new password confirmation: 34
帐户已成功更新class Users::RegistrationsController < Devise::RegistrationsController
def edit
@images = Dir.glob("public/assets/images/users/#{current_user.id}/med/*")
end
def update
if params[:image_file_path]
ff = File.open("public/"+params[:image_file_path])
resource.image = ff
resource.save!
end
self.resource = resource_class.to_adapter.get!(send(:"current_#{resource_name}").to_key)
prev_unconfirmed_email = resource.unconfirmed_email if resource.respond_to?(:unconfirmed_email)
resource_updated = resource.update_without_password(account_update_params)
yield resource if block_given?
if resource_updated
if is_flashing_format?
flash_key = update_needs_confirmation?(resource, prev_unconfirmed_email) ?
:update_needs_confirmation : :updated
set_flash_message :notice, flash_key
end
sign_in resource_name, resource, bypass: true
respond_with resource, location: after_update_path_for(resource)
else
@images = Dir.glob("public/assets/images/users/#{current_user.id}/med/*")
clean_up_passwords resource
respond_with resource
end
end
private
def sign_up_params
params.require(:user).permit(:first_name, :last_name, :email, :password, :password_confirmation, :telephone, :image, :address, :birthday)
end
def account_update_params
params.require(:user).permit(:first_name, :last_name, :email, :password, :password_confirmation, :telephone, :image, :image_file_path, :address, :birthday)
end
protected
def update_resource(resource, params)
resource.update_without_password(params)
end
def after_update_path_for(resource)
edit_user_registration_path
end
end
类用户::注册控制器<设计::注册控制器
定义编辑
@images=Dir.glob(“public/assets/images/users/#{current_user.id}/med/*”)
结束
def更新
如果参数[:图像文件路径]
ff=File.open(“public/”+params[:image\u File\u path])
resource.image=ff
资源节约!
结束
self.resource=resource\u class.to\u adapter.get!(发送(:“当前#{resource_name}”)。到_键)
prev_unconfirm_email=resource.unconfirm_email if resource.respond_to?(:unconfirm_email)
resource\u updated=资源。无密码更新(帐户更新参数)
如果给定块,是否产生资源?
如果资源更新
如果是闪烁的格式?
flash\u key=更新\u需要\u确认?(资源,上一封未确认的\u电子邮件)?
:更新\需要\确认::更新
设置闪光信息:注意,闪光键
结束
在资源中签名\u名称、资源、旁路:true
使用资源响应,位置:更新后路径(资源)
其他的
@images=Dir.glob(“public/assets/images/users/#{current_user.id}/med/*”)
清除密码资源
用资源回应你
结束
结束
私有的
def注册参数
参数require(:user).permit(:名字,:姓氏,:电子邮件,:密码,:密码确认,:电话,:图像,:地址,:生日)
结束
def帐户更新参数
参数require(:user).permit(:名字,:姓氏,:电子邮件,:密码,:密码确认,:电话,:图像,:图像文件路径,:地址,:生日)
结束
受保护的
def更新_资源(资源,参数)
资源。在不使用密码的情况下更新\u(参数)
结束
更新后的def路径(资源)
编辑用户注册路径
结束
结束
<%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: {method: :put }) do |f| %>
<div class="form-group">
<%= f.label :password, "Change Password", class: 'control-label' %>
<i>(leave blank if you don't want to change it)</i><br />
<%= f.password_field :password, autocomplete: "off", class: 'form-control' %>
</div>
<div class="form-group">
<%= f.label :password_confirmation, "New Password Confirmation", class: 'control-label' %><br />
<%= f.password_field :password_confirmation, autocomplete: "off", class: 'form-control' %>
</div>
<%= f.submit "Save", class: 'btn btn-success' %>
<%end%>
(如果不想更改,请留空)