[英]Devise showing user already logged in on password reset,
I am using devise plugin for resetting the user password, i have this problem, so the scenario is like , when i send link for resetting the password it lands to a custom reset page, which have view for resetting the password , but the weird thing the user is already logged in , when it lands to that page, if i click on main tab without resetting the password, i can navigate like i am already logged in. 我正在使用devise插件来重置用户密码,所以我遇到了这个问题,所以这种情况就像,当我发送用于重置密码的链接时,它会到达自定义重置页面,该页面具有用于重置密码的视图,但是很奇怪用户已经登录,登录到该页面后,如果我单击主选项卡而不重置密码,则可以像已登录一样进行导航。
How can i make sure that user should not be already logged in, once i reset the password then it should login again to use the account. 我该如何确保该用户不应该已经登录,一旦我重置密码,它就应该再次登录以使用该帐户。
Maybe you missing this line in your controller: 也许您在控制器中缺少此行:
before_action :authenticate_user! except: :change_password
This will not login the user for that particular controller action. 这不会为该特定控制器操作登录用户。
Note that change_password
will be the name of your controller action for changing the password. 请注意, change_password
将是用于更改密码的控制器操作的名称。
Unexpected login sometimes happen if routes.rb
allows two different signin path when different user models are used. 如果使用不同的用户模型时, routes.rb
允许两个不同的登录路径,则有时会发生意外的登录。
Run rake routes
and check if there is new_user_session_path
along with, for example, new_buyer_session_path
. 运行rake routes
,检查是否有new_user_session_path
以及例如new_buyer_session_path
。
If there is, fixing your routes might solve your problem. 如果有,修复您的路线可能会解决您的问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.