我不知道我的答案是否是幻想,但适用于我。我希望有人能改善我所做的。
class SessionsController < Devise::SessionsController
def create
recover_old_password unless user_signed_in?
resource = warden.authenticate! auth_options
set_flash_message(:notice, :signed_in) if is_navigational_format?
sign_in resource_name, resource
respond_with resource, :location => after_sign_in_path_for(resource)
end
def recover_old_password
email = params[:user]['email']
pass = Digest::MD5.hexdigest params[:user]['password']
@user = User.find_by_email_and_encrypted_old_password(email, pass)
if @user.blank?
resource = warden.authenticate! auth_options
respond_with resource, :location => after_sign_in_path_for(resource)
elsif
if [email protected]_password.nil?
@user.encrypted_password = BCrypt::Password.create params[:user]['password']
@user.save
create
end
end
end
end
这里有什么问题? –
“如果不登录,然后用户可以访问,我如何构建”recover_old_password“以更新encrypted_password?” –
@markotom没有得到问题 – Viren