我使用Omniauth允许用户通过Facebook,Twitter和谷歌。
I'm using Omniauth to allow users to sign in (and create an account) through Facebook, Twitter, and Google.
但是,如果用户决定不再使用这些服务,但继续使用他们的账户,他们将要添加密码。
However, if a user decides to not use those services anymore, but continue to use their account, they will want to add a password.
我怎样才能让用户在他们的帐户添加密码,无需输入当前密码 *?
How can I let a user add a password to their account without entering a current password?*
当我让一个用户进入 edit_user_registration_path(@user),他们看到下面的表格:
When I let a user go to the edit_user_registration_path(@user), they see the form below:
= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put, name: 'validation'}) do |f| = devise_error_messages! = f.label :email, class: 'block' = f.email_field :email, class: 'large' %span.infobar Keep this here unless you'd like to change your email = f.label :password, class: 'block' = f.password_field :password, class: 'large' %span.infobar Leave blank if you don't want to change it = f.label :password_confirmation, class: 'block' = f.password_field :password_confirmation, class: 'large' - if @user.password_required? = f.label :current_password, class: 'block' = f.password_field :current_password, class: 'large' %span.infobar We need your current password to confirm changes = f.submit "Update"user.rb
def password_required? (authentications.empty? || !password.blank?) && super end正如你所看到的,我有这样如果 @ user.password_required?,则显示当前密码字段。尽管试图以创建帐户的新密码时不显示该字段,表单无法正确验证,因为需要当前密码。
As you can see, I have it so that if @user.password_required?, then show the current password field. Even though this field is not displayed when attempting to create a new password for the account, the form will not validate correctly, as a current password is required.
推荐答案我只覆盖了RegistrationsController#更新方法:
I just overwrote the RegistrationsController#update method:
class RegistrationsController < Devise::RegistrationsController def update # Override Devise to use update_attributes instead of update_with_password. # This is the only change we make. if resource.update_attributes(params[resource_name]) set_flash_message :notice, :updated # Line below required if using Devise >= 1.2.0 sign_in resource_name, resource, :bypass => true redirect_to after_update_path_for(resource) else clean_up_passwords(resource) render_with_scope :edit end end end来源:如何允许用户不提供密码修改其帐户
Source: How To: Allow users to edit their account without providing a password
更多推荐
Rails的3.2 Omniauth设计
发布评论