我正在尝试创建一个基本表单,用户可以在其中更改密码,但需要输入旧密码才能执行此操作。我无法验证用户的旧密码。每次我输入一个旧密码,当我知道密码时,密码就不匹配了。如果替换authenticate字段中的实际密码,则可以使用。如何引入表单中输入的内容以验证输入的旧密码?
形式:
<%= form_for(@user, :url => change_password_action_path(current_user.id), html: { "role" => "form" }) do |f| %>
<%= render 'shared/error_messages', object: f.object %>
<div class="form-group">
<%= f.label :old_password, "Old Password:", :class => "control-label" %>
<%= f.password_field :old_password, :class => "form-control" %>
</div>
<div class="form-group">
<%= f.label :password, "New Password:", :class => "control-label" %>
<%= f.password_field :password, :class => "form-control" %>
</div>
<div class="form-group">
<%= f.label :password_confirmation, "Password Confirmation:", :class => "control-label" %>
<%= f.password_field :password_confirmation, :class => "form-control" %>
</div>
<%= f.submit "Update Password", class: "btn btn-large btn-primary" %>
控制器
def change_password
@user = User.find(current_user.id)
end
def change_password_action
user = current_user.id
if User.find(user).authenticate(params[:old_password]) == false
flash[:danger] = "Password Doesnt Match: "
else
flash[:success] = "Password Match"
# Validate the new and confirm password.
end
redirect_to action: :change_password
end
路线
get '/change_password' => 'main#change_password'
patch '/change_password_action' => 'main#change_password_action'
Rails服务器日志
Started PATCH "/change_password_action.1" for 127.0.0.1 at 2014-01-15 09:04:38 -0600
Processing by MainController#change_password_action as
Parameters: {"utf8"=>"✓", "authenticity_token"=>"yYdUx37Q7alr3SccuMVjPwCJoMgMPOaiKTesSsILlP4=", "user"=>{"old_password"=>"[FILTERED]", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Update Password"}
User Load (0.5ms) SELECT "users".* FROM "users" WHERE "users"."remember_token" = 'fc1baf63bac072bfefd5ed27664ece5427ad9e64' LIMIT 1
{"utf8"=>"✓", "_method"=>"patch", "authenticity_token"=>"yYdUx37Q7alr3SccuMVjPwCJoMgMPOaiKTesSsILlP4=", "user"=>{"old_password"=>"test123", "password"=>"", "password_confirmation"=>""}, "commit"=>"Update Password", "controller"=>"main", "action"=>"change_password_action", "format"=>"1"}
User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 1]]
Redirected to http://localhost:3000/change_password
Completed 302 Found in 115ms (ActiveRecord: 0.7ms)
Started GET "/change_password" for 127.0.0.1 at 2014-01-15 09:04:39 -0600
Processing by MainController#change_password as HTML
User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."remember_token" = 'fc1baf63bac072bfefd5ed27664ece5427ad9e64' LIMIT 1
User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1 [["id", 1]]
Rendered shared/_error_messages.html.erb (0.1ms)
Rendered main/change_password.html.erb within layouts/application (2.6ms)
Rendered layouts/_header.html.erb (0.5ms)
Rendered layouts/_footer.html.erb (0.0ms)
Completed 200 OK in 19ms (Views: 16.2ms | ActiveRecord: 0.4ms)
答案 0 :(得分:2)
看起来您将错误的参数传递给authenticate方法。 尝试使用params [:user] [:old_password]而不是params [:old_password]。
您想要的参数值将位于:user键下,因为您的form_for正在使用用户对象。
您还可以在服务器日志中看到此内容,其中params哈希中的用户参数是: “user”=&gt; {“old_password”=&gt;“[过滤]”,“密码”=&gt;“[过滤]”,“password_confirmation”=&gt;“[过滤]”}