Rails: How to confirm email address entered in text box matches current user's email address?
Question
I am creating a page that allows a user to delete their account/profile. On this page, I have a text box where the user types their email address to confirm they are indeed the current user and that they want to delete their account (upon button click).
What I want to do is, when the user clicks the "Delete Account" button below the text box, I want to grab that text and compare it to the current user's email account. If it matches, I want to delete the user's account. If not, I want to flash an error message.
I have some of the logic figured out, and I will paste what I have below. Right now, if you click the 'Delete Account' button it deletes the user's account and redirects to the home page, and flashes a 'goodbye' message on the home page. However, there is no comparison functionality b/t current user's email and text box entry. I'm not sure if I can do this in Rails or if I will have to incorporate JavaScript. I am using Devise and Cancan.
Please be as explicit as possible, I am fairly new to Rails. Thank you!
Email box and button are at /settings/profile/delete, file is 'delete.html.haml'.
The email box
.field
= label :email, 'Email Address'
= email_field :email, 'Enter your email address', id: 'delete-email-box'
The Delete Account Button (below email box)
#confirm-delete-btn
= link_to 'Delete Account', user_registration_path, method: :delete, data:
{ confirm: 'Are you sure you want to delete your account? This cannot be
undone!' }, class: submit btn-delete'
= link_to 'Cancel', profile_index_path, id: 'cancel-profile'
profile_controller.rb
def delete
@user = current_user
@profile = current_user.profile
end
def destroy
@user = current_user
@profile = current_user.profile
if @profile.destroy
@user.destroy
redirect_to root_url, notice: "User deleted."
else
render_error_message
end
end
2 answers
solution1
2 ACCPTED 2014-06-20 17:14:27
Just looked at how to make a form to delete items and found this . So your form would look like this:
<% form_for(:user, :url => path_for_your_destroy_action(@user), :html => {:method => :delete}) do %>
email: <%= text_field_tag :mail %>
<%= submit_tag "Delete" %>
<% end %>
Now inside your destory method you could simply check if email matches current users email and if it does that delete his account:
def destroy
if current_user.email == params[:email]
current_user.destroy
redirect_to your_path, notice: "user deleted"
else
render "your_form", notice: "invalid email"
end
end
solution2
1 2014-06-20 19:45:14
Adding on to David's answer, based off of your code it looks like you are also trying to delete the user's profile. It isn't explicitly described how a user is related to a profile, but based off of how you're setting up things in your current destroy action I'm assuming its through some sort of association. In this case, you will still need to destroy the profile or it will remain as an unused row in your database. This can be accomplished through a simple addition to the destroy action:
def destroy
if current_user.email == params[:email]
current_user.profile.destroy
current_user.destroy
redirect_to your_path, notice: "user deleted"
else
render "your_form", notice: "invalid email"
end
end
However, this is clunky and can easily lead to errors in the future when you need to implement similar functionality elsewhere. A much DRYer Rails way to deal with this in at the Model Layer:
User.rb:
has_one :profile, dependent: :destroy
This will ensure that anytime a user is destroyed, its associated profile is also automatically destroyed.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.