Hello Guys I have the following problem. I made a controller to reset the password of a user. Here is the controller: class PasswordResetsController < ApplicationController layout "sessions" def new end def create user = User.find_by_email!(params[:password_resets][:email] ) user.send_password_reset if user redirect_to root_url, :notice => "Las instrucciones para reestrablecer la contrasena fueron enviadas." end def edit @user = User.find_by_password_reset_token!(params[:id]) end def update @user = User.find_by_password_reset_token!(params[:id]) if @user.password_reset_at < (2.hours.ago).to_date redirect_to new_password_reset_path, :alert => "El link para actualizar la contrasena ha expirado." elsif @user.update_attributes(params[:user]) @user.reset_password_token redirect_to root_url, :notice => "La contrasena ha sido cambiada." else render :edit end end end Here is the model: class User < ActiveRecord::Base attr_accessible :email, :password, :password_confirmation has_secure_password before_save { |user| user.email = email.downcase } before_save :create_remember_token VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: { case_sensitive: false } validates :password, presence: true, length: { minimum: 6 }, confirmation: true, unless: Proc.new { |a| !a.new_record? && a.password.blank? } def send_password_reset self.password_reset_token = SecureRandom.urlsafe_base64 self.password_reset_at = Time.zone.now save! UserMailer.password_reset(self).deliver end def reset_password_token self.password_reset_token = nil self.password_reset_at = nil save! end private def create_remember_token self.remember_token = SecureRandom.urlsafe_base64 end end Basically this is my problem: the user click on the link that he receive in his email, then user, use the form of the edit password_reset form to reset his password, everything works great, except the following issues; if the user leave the password field and the password_confirmation field in blank, the form_for didn''t validate and save the user with a blank password. I don''t know how to fix this. Does anybody has an idea? -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/IYetAvDMgrEJ. For more options, visit https://groups.google.com/groups/opt_out.
validates :password, presence: true, length: { minimum: 6 }, confirmation: true, unless: Proc.new { |a| !a.new_record? && a.password.blank? } because of this .. unless: .... so you have to modify that tom On Oct 28, 2012, at 23:43 , Jean <josorioe-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Hello Guys I have the following problem. I made a controller to reset the password of a user. > > Here is the controller: > > class PasswordResetsController < ApplicationController > > layout "sessions" > > def new > end > > def create > user = User.find_by_email!(params[:password_resets][:email] ) > user.send_password_reset if user > redirect_to root_url, :notice => "Las instrucciones para reestrablecer la contrasena fueron enviadas." > end > > def edit > @user = User.find_by_password_reset_token!(params[:id]) > end > > def update > @user = User.find_by_password_reset_token!(params[:id]) > if @user.password_reset_at < (2.hours.ago).to_date > redirect_to new_password_reset_path, :alert => "El link para actualizar la contrasena ha expirado." > elsif @user.update_attributes(params[:user]) > @user.reset_password_token > redirect_to root_url, :notice => "La contrasena ha sido cambiada." > else > render :edit > end > end > > end > > > Here is the model: > > class User < ActiveRecord::Base > attr_accessible :email, :password, :password_confirmation > has_secure_password > > before_save { |user| user.email = email.downcase } > before_save :create_remember_token > > VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i > validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: { case_sensitive: false } > validates :password, presence: true, length: { minimum: 6 }, confirmation: true, unless: Proc.new { |a| !a.new_record? && a.password.blank? } > > def send_password_reset > self.password_reset_token = SecureRandom.urlsafe_base64 > self.password_reset_at = Time.zone.now > save! > UserMailer.password_reset(self).deliver > end > > def reset_password_token > self.password_reset_token = nil > self.password_reset_at = nil > save! > end > > private > > def create_remember_token > self.remember_token = SecureRandom.urlsafe_base64 > end > > end > > > Basically this is my problem: > > the user click on the link that he receive in his email, then user, use the form of the edit password_reset form to reset his password, everything works great, except the following issues; if the user leave the password field and the password_confirmation field in blank, the form_for didn''t validate and save the user with a blank password. I don''t know how to fix this. Does anybody has an idea? > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/IYetAvDMgrEJ. > For more options, visit https://groups.google.com/groups/opt_out. > >-- ==============================================================================Tomas Meinlschmidt, MS {MCT, MCP+I, MCSE, AER}, NetApp Filer/NetCache www.meinlschmidt.com www.maxwellrender.cz www.lightgems.cz ============================================================================== -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Tom, could you help me please. I tried this way: validates :password, presence: true, length: { minimum: 6 }, confirmation: true, unless: Proc.new { |a| !a.new_record? && a.password.blank? && a.password_reset_token.blank? } or this validates :password, presence: true, length: { minimum: 6 }, confirmation: true, unless: Proc.new { |a| !a.new_record? && a.password.blank? && !a.password_reset_token.blank? } But I can find I way to validate the presence password in my reset password form. Thanks On Sunday, October 28, 2012 6:32:42 PM UTC-4:30, tom meinlschmidt wrote:> > validates :password, presence: true, length: { minimum: 6 }, confirmation: > true, unless: Proc.new { |a| !a.new_record? && a.password.blank? } > > because of this .. unless: .... so you have to modify that > > tom > > On Oct 28, 2012, at 23:43 , Jean <joso...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org <javascript:>> wrote: > > > Hello Guys I have the following problem. I made a controller to reset > the password of a user. > > > > Here is the controller: > > > > class PasswordResetsController < ApplicationController > > > > layout "sessions" > > > > def new > > end > > > > def create > > user = User.find_by_email!(params[:password_resets][:email] ) > > user.send_password_reset if user > > redirect_to root_url, :notice => "Las instrucciones para > reestrablecer la contrasena fueron enviadas." > > end > > > > def edit > > @user = User.find_by_password_reset_token!(params[:id]) > > end > > > > def update > > @user = User.find_by_password_reset_token!(params[:id]) > > if @user.password_reset_at < (2.hours.ago).to_date > > redirect_to new_password_reset_path, :alert => "El > link para actualizar la contrasena ha expirado." > > elsif @user.update_attributes(params[:user]) > > @user.reset_password_token > > redirect_to root_url, :notice => "La contrasena ha > sido cambiada." > > else > > render :edit > > end > > end > > > > end > > > > > > Here is the model: > > > > class User < ActiveRecord::Base > > attr_accessible :email, :password, :password_confirmation > > has_secure_password > > > > before_save { |user| user.email = email.downcase } > > before_save :create_remember_token > > > > VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i > > validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, > uniqueness: { case_sensitive: false } > > validates :password, presence: true, length: { minimum: 6 }, > confirmation: true, unless: Proc.new { |a| !a.new_record? && > a.password.blank? } > > > > def send_password_reset > > self.password_reset_token = SecureRandom.urlsafe_base64 > > self.password_reset_at = Time.zone.now > > save! > > UserMailer.password_reset(self).deliver > > end > > > > def reset_password_token > > self.password_reset_token = nil > > self.password_reset_at = nil > > save! > > end > > > > private > > > > def create_remember_token > > self.remember_token = SecureRandom.urlsafe_base64 > > end > > > > end > > > > > > Basically this is my problem: > > > > the user click on the link that he receive in his email, then user, use > the form of the edit password_reset form to reset his password, everything > works great, except the following issues; if the user leave the password > field and the password_confirmation field in blank, the form_for didn''t > validate and save the user with a blank password. I don''t know how to fix > this. Does anybody has an idea? > > > > -- > > You received this message because you are subscribed to the Google > Groups "Ruby on Rails: Talk" group. > > To post to this group, send email to rubyonra...-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org<javascript:>. > > > To unsubscribe from this group, send email to > rubyonrails-ta...-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org <javascript:>. > > To view this discussion on the web visit > https://groups.google.com/d/msg/rubyonrails-talk/-/IYetAvDMgrEJ. > > For more options, visit https://groups.google.com/groups/opt_out. > > > > > > -- > =============================================================================== > > Tomas Meinlschmidt, MS {MCT, MCP+I, MCSE, AER}, NetApp Filer/NetCache > > www.meinlschmidt.com www.maxwellrender.cz www.lightgems.cz > =============================================================================== > > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/d3jMj_PC3iwJ. For more options, visit https://groups.google.com/groups/opt_out.
you can add some other attribute and set, eg in user model attr_accessor :reset_password then set it as true def update user = User.find... user.reset_password = true ... end and then you can change your validates to use reset_password validates :password ... , if: Proc.new{|r| r.new_record? || r.reset_password || r.password.present?} tom On Oct 29, 2012, at 1:27 , Jean <josorioe-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Tom, could you help me please. I tried this way: > > validates :password, presence: true, length: { minimum: 6 }, confirmation: true, unless: Proc.new { |a| !a.new_record? && a.password.blank? && a.password_reset_token.blank? } > > or this > > validates :password, presence: true, length: { minimum: 6 }, confirmation: true, unless: Proc.new { |a| !a.new_record? && a.password.blank? && !a.password_reset_token.blank? } > > But I can find I way to validate the presence password in my reset password form. > > Thanks > > On Sunday, October 28, 2012 6:32:42 PM UTC-4:30, tom meinlschmidt wrote: > validates :password, presence: true, length: { minimum: 6 }, confirmation: true, unless: Proc.new { |a| !a.new_record? && a.password.blank? } > > because of this .. unless: .... so you have to modify that > > tom > > On Oct 28, 2012, at 23:43 , Jean <joso...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > Hello Guys I have the following problem. I made a controller to reset the password of a user. > > > > Here is the controller: > > > > class PasswordResetsController < ApplicationController > > > > layout "sessions" > > > > def new > > end > > > > def create > > user = User.find_by_email!(params[:password_resets][:email] ) > > user.send_password_reset if user > > redirect_to root_url, :notice => "Las instrucciones para reestrablecer la contrasena fueron enviadas." > > end > > > > def edit > > @user = User.find_by_password_reset_token!(params[:id]) > > end > > > > def update > > @user = User.find_by_password_reset_token!(params[:id]) > > if @user.password_reset_at < (2.hours.ago).to_date > > redirect_to new_password_reset_path, :alert => "El link para actualizar la contrasena ha expirado." > > elsif @user.update_attributes(params[:user]) > > @user.reset_password_token > > redirect_to root_url, :notice => "La contrasena ha sido cambiada." > > else > > render :edit > > end > > end > > > > end > > > > > > Here is the model: > > > > class User < ActiveRecord::Base > > attr_accessible :email, :password, :password_confirmation > > has_secure_password > > > > before_save { |user| user.email = email.downcase } > > before_save :create_remember_token > > > > VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i > > validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: { case_sensitive: false } > > validates :password, presence: true, length: { minimum: 6 }, confirmation: true, unless: Proc.new { |a| !a.new_record? && a.password.blank? } > > > > def send_password_reset > > self.password_reset_token = SecureRandom.urlsafe_base64 > > self.password_reset_at = Time.zone.now > > save! > > UserMailer.password_reset(self).deliver > > end > > > > def reset_password_token > > self.password_reset_token = nil > > self.password_reset_at = nil > > save! > > end > > > > private > > > > def create_remember_token > > self.remember_token = SecureRandom.urlsafe_base64 > > end > > > > end > > > > > > Basically this is my problem: > > > > the user click on the link that he receive in his email, then user, use the form of the edit password_reset form to reset his password, everything works great, except the following issues; if the user leave the password field and the password_confirmation field in blank, the form_for didn''t validate and save the user with a blank password. I don''t know how to fix this. Does anybody has an idea? > > > > -- > > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > > To post to this group, send email to rubyonra...-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > > To unsubscribe from this group, send email to rubyonrails-ta...@googlegroups.com. > > To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/IYetAvDMgrEJ. > > For more options, visit https://groups.google.com/groups/opt_out. > > > > > > -- > =============================================================================== > Tomas Meinlschmidt, MS {MCT, MCP+I, MCSE, AER}, NetApp Filer/NetCache > > www.meinlschmidt.com www.maxwellrender.cz www.lightgems.cz > =============================================================================== > > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/d3jMj_PC3iwJ. > For more options, visit https://groups.google.com/groups/opt_out. > >-- ==============================================================================Tomas Meinlschmidt, MS {MCT, MCP+I, MCSE, AER}, NetApp Filer/NetCache www.meinlschmidt.com www.maxwellrender.cz www.lightgems.cz ============================================================================== -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.