[英]Completed 401 Unauthorized after updating password with devise
當我嘗試更新用戶密碼時,我有:
在3毫秒內完成401未經授權(ActiveRecord:0.6毫秒)
更新正常進行,但隨后我已注銷。 我想在此更新后保留日志。
我使用來自devise的update with password
方法。
Registrations_controller
def update_password
@user = current_user
authorize @user, :update?
if @user.update_with_password(user_params)
flash[:success] = t 'edit.success'
else
flash[:error] = t 'flash.error_occured'
end
redirect_to edit_user_registration_path + "##{t('users.account.title')}"
end
private
def user_params
params.require(:user).permit(
:current_password, :password, :email, :username )
end
查看代碼:
= form_for @user, url: update_password_path, html: { method: :put, role: 'form'} do |f|
= devise_error_messages!
= f.label t ('password.current')
= f.password_field :current_password, autocomplete: :off
= f.label t('password.new')
= f.password_field :password, autocomplete: :off
= f.submit t('button.change'), data: { disable_with: t('ajaxdoing') }
將您的update
操作更改為如下所示
def update_password
@user = current_user
authorize @user, :update?
if @user.update_with_password(user_params)
sign_in(@user, :bypass => true)
flash[:success] = t 'edit.success'
else
flash[:error] = t 'flash.error_occured'
end
redirect_to edit_user_registration_path + "##{t('users.account.title')}"
end
編輯:
更新密碼后,Devise會自動注銷,因此我們無法逃脫它,而是再次登錄用戶,並繞過了warder回調。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.