Check if user exists for Password Reset - Devise . Rails
Question
and devise, i make a test on the reset password function, everything is working fine, there is just one issue
If i delete a user, he still can ask for his password, the link inside the email, dosent work, but, how can i check if the user exists first, before sending the email, im just using this.
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :validatable
I also have pulled up the views, but , how can i check this.
2 answers
solution1
0 2013-12-11 07:03:06
Try using
before_filter :authenticate_user!
in application controller and try again.
solution2
0 2013-12-11 07:17:17
A public user still has access to the "Forget password" page and can still provide an email to send to. However, this email has to exist in your DB for the reset_password_instructions email to be sent to that email. If the public user has no account with your application, the email won't be sent. If, however, the public user guesses a correct email, he would need to find a way to access that email. :)
In short, you don't need to check if the user exists.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.