[英]Why signing in doesn't work?
當我嘗試使用數據庫中已經存在的實際用戶信息登錄時,系統將顯示“無效的電子郵件/密碼確認”錯誤,但這不是應該的。
這是為什么?
controllers / sessions_controller.rb
class SessionsController < ApplicationController
def new
end
def create
user = User.authenticate(params[:session][:email], params[:session][:password])
if user.nil?
flash.now[:error] = "Invalid email/password confirmation."
render :new
else
sign_in user
redirect_to user
end
end
def destroy
sign_out
redirect_to signin_path
end
end
app / views / sessions / new.html
<h1>Sign in</h1>
<% if flash[:error] %>
<p><%= flash[:error] %></p>
<% end %>
<%= simple_form_for(:session, url: sessions_path) do |f| %>
<%= f.input :email %>
<%= f.input :password%>
<%= f.button :submit %>
<% end %>
<p>New user? <%= link_to "Sign up now!", signup_path %></p>
app / helpers / sessions_helper.rb
module SessionsHelper
def sign_in(user)
session[:user_id] = user.id
self.current_user = user
end
def current_user=(user)
@current_user = user
end
def current_user
if session[:user_id]
@current_user ||= User.find(session[:user_id])
end
end
def signed_in?
!current_user.nil?
end
def sign_out
session[:user_id] = nil
self.current_user = nil
end
def current_user?(user)
user == current_user
end
def deny_access
redirect_to signin_path, notice: "Please sign in to access this page."
end
end
型號/user.rb
class User < ActiveRecord::Base
has_many :tasks
attr_accessor :password, :salt, :encrypted_password
EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
validates :first_name, presence: true,
length: {maximum: 20}
validates :last_name, presence: true,
length: {maximum: 40}
validates :email, presence: true,
format: {with: EMAIL_REGEX},
uniqueness: {case_sensitive: false}
validates :password, presence: true,
confirmation: true,
length: {within: 6..40}
before_save :encrypt_password
def has_password?(submitted_password)
encrypted_password == encrypt(submitted_password)
end
def self.authenticate(email, submitted_password)
user = find_by_email(email)
return nil if user.nil?
return user if user.has_password?(submitted_password)
end
private
def encrypt_password
self.salt = Digest::SHA2.hexdigest("#{Time.now.utc}--#{password}")
self.encrypted_password = encrypt(password)
end
def encrypt(pass)
Digest::SHA2.hexdigest("#{self.salt}--#{pass}")
end
end
有人可以幫忙嗎?
嘗試從models / user.rb的以下行中刪除:salt和:encrypted_password
attr_accessor :password, :salt, :encrypted_password
改成:
attr_accessor :password
這些值存儲在數據庫中,因此您可能會覆蓋為這兩個字段創建的活動記錄中創建的方法,並且永遠不會對其進行初始化。
從您的代碼中,我看到的是一個confirmation :true
password
confirmation :true
,但是您的form
沒有password_confirmation
字段。 嘗試包括它
<%= f.input :password_confirmation %>
並將其作為attr_accessor
在User
模型中。
如果您不希望輸入密碼確認字段,則刪除confirmation: true
對於驗證中的密碼,為confirmation: true
。
validates :password, presence: true, length: {within: 6..40}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.