我试图更改用户密码并成功更改,但之后我不做任何事情,因为用户变得未经授权......我可能错过了重新验证用户的内容。
这是我更新密码的代码
def password
if current_user.valid_password?(params[:current_password])
current_user.password = params[:new_password]
if current_user.save
#sign them in
#tried doing this to sign them in again but didn't work
sign_in(:user, current_user)
response.headers['X-CSRF-Token'] = form_authenticity_token
response.headers['X-Pyne-Auth'] = current_user.authentication_token
render :json => {:success => true} and return
else
render :json => {:success => false, error: "Unexpected error while trying to save user. Please try again."} and return
end
else
render :json => {:success => false, error: "Your current password is incorrect. Please try again"} and return
end
end
我可以更新密码,但由于用户未经授权而无法再次访问该应用。
谢谢