Ruby-on-rails Rails Devise:设置密码重置令牌并重定向用户
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/5894191/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Rails Devise: Set password reset token and redirect user
提问by patrickdavey
In my app for a certain use case I create a new user (programmatically set the password) and send them a confirmation email.
在我的某个用例的应用程序中,我创建了一个新用户(以编程方式设置密码)并向他们发送确认电子邮件。
I would like them to be able to change their password immediately after confirming (without having to enter the system generated one which I don't want to send them)
我希望他们能够在确认后立即更改密码(无需进入系统生成的我不想发送的密码)
In effect I would like
1) System creates a new user account with generated password.
2) System sends confirmation email.
3) User clicks confirmation and is redirected to enter in their password (effectively send them to a URL like below)
实际上,我想
1) 系统使用生成的密码创建一个新用户帐户。
2) 系统发送确认邮件。
3) 用户点击确认并被重定向以输入他们的密码(有效地将他们发送到如下所示的 URL)
<a href="http://localhost:3000/users/password/edit?reset_password_token=v5Q3oQGbsyqAUUxyqLtb">Change my password</a>
Any help / pointers would be great.
任何帮助/指针都会很棒。
采纳答案by Anatortoise House
A simple way to have just one step for users to confirm email address and set initial password using the link you proposed...
一种简单的方法,让用户只需一个步骤即可使用您建议的链接确认电子邮件地址并设置初始密码...
Send one email your app generates, including a reset_password_token, and consider user's possession of that token confirmation of the validity of that email address.
发送您的应用生成的一封电子邮件,包括 reset_password_token,并考虑用户拥有该令牌以确认该电子邮件地址的有效性。
In system account generation code, assuming User model is set up with :recoverable and :database_authenticatable Devise modules...
在系统帐户生成代码中,假设用户模型设置了 :recoverable 和 :database_authenticable 设计模块...
acct = User.new
acct.password = User.reset_password_token #won't actually be used...
acct.reset_password_token = User.reset_password_token
acct.email = "[email protected]" #assuming users will identify themselves with this field
#set other acct fields you may need
acct.save
Make the devise reset password view a little clearer for users when setting initial password.
设置初始密码时,使用户的设备重置密码视图更清晰一些。
views/devise/passwords/edit.html.erb
意见/设计/密码/edit.html.erb
...
<%= "true" == params[:initial] ? "Set your password" : "Reset your password" %>
...
Generated Email
生成的电子邮件
Hi <%= @user.name %>
An account has been generated for you.
Please visit www.oursite.com/users/password/edit?initial=true&reset_password_token=<%= @user.reset_password_token %> to set your password.
No need to include :confirmable Devise module in your User model, since accounts created by your app won't get accessed without the reset_password_token in the email.
无需在您的用户模型中包含 :confirmable Devise 模块,因为如果电子邮件中没有 reset_password_token,您的应用程序创建的帐户将无法访问。
Devise will handle the submit and clear the reset_password_token field.
Devise 将处理提交并清除 reset_password_token 字段。
See devise_gem_folder/lib/devise/models/recoverable.rband database_authenticatable.rbfor details on reset_password_tokenmethod and friends.
有关方法和朋友的详细信息,请参阅devise_gem_folder/lib/devise/models/recoverable.rb和。database_authenticatable.rbreset_password_token
If you want to use Devise :confirmablemodule rather than this approach, see the Devise wiki page.
如果您想使用 Devise:confirmable模块而不是这种方法,请参阅Devise wiki 页面。
回答by ClaytonC
In Rails 4.1, the following modification of Anatortoise House's reply works:
在 Rails 4.1 中,对 Anatortoise House 的回复进行了以下修改:
user = User.new
user.password = SecureRandom.hex #some random unguessable string
raw_token, hashed_token = Devise.token_generator.generate(User, :reset_password_token)
user.reset_password_token = hashed_token
user.reset_password_sent_at = Time.now.utc
user.email = '[email protected]'
user.save!
# Use a mailer you've written, such as:
AccountMailer.set_password_notice(user, raw_token).deliver
The email view has this link:
电子邮件视图有这个链接:
www.oursite.com/users/password/edit?initial=true&reset_password_token=<%= @raw_token %>
回答by Sergii Mostovyi
You can call
你可以打电话
user.send(:set_reset_password_token)
It may not be stable, as it's a protected method but it can work for your case. Just cover it with a test.
它可能不稳定,因为它是一种受保护的方法,但它可以适用于您的情况。只需用测试覆盖它。
(tested on Devise v. 3.4)
(在 Devise v. 3.4 上测试)
回答by woto
Here is my snippet for mailer preview
这是我的邮件预览片段
class Devise::MailerPreview < ActionMailer::Preview
def reset_password_instructions
user = User.last
token = user.send(:set_reset_password_token)
Devise::Mailer.reset_password_instructions(user, token)
end
end
