[ruby-on-rails] 升級到設計3.1 =>獲取重置密碼令牌無效



Answers

僅供參考,如果您嘗試通過其他方式(即不同的郵件程序)發送重置密碼令牌,您可以在User類中使用這樣的代碼(挖出Devise源代碼):

def send_invitation
  raw, enc = Devise.token_generator.generate(self.class, :reset_password_token)

  self.reset_password_token   = enc
  self.reset_password_sent_at = Time.now.utc
  self.save(:validate => false)

  Notifier.signup_notification(contactable: self, token: raw).deliver
end
Question

感謝史蒂文哈曼的這個gist ,我得到了它的工作。 devise_mail_helpers.rb

module Features
  module MailHelpers

    def last_email
      ActionMailer::Base.deliveries[0]
    end

    # Can be used like:
    #  extract_token_from_email(:reset_password)
    def extract_token_from_email(token_name)
      mail_body = last_email.body.to_s
      mail_body[/#{token_name.to_s}_token=([^"]+)/, 1]
    end

  end
end

我將文件devise_mail_helpers.rb添加到與功能規範相同的文件夾中,並編寫了此規範。

require 'devise_mail_helpers.rb'
include Features
include MailHelpers
describe "PasswordResets" do
  it "emails user when requesting password reset" do
    user = FactoryGirl.create(:user)
    visit root_url
    find("#login_link").click
    click_link "Forgot your password?"
    fill_in "Email", :with => user.email
    click_button "Send instructions"
    current_path.should eq('/users/sign_in')
    page.should have_content("You will receive an email with instructions about how to reset your password in a few minutes.")
    last_email.to.should include(user.email)
    token = extract_token_from_email(:reset_password) # Here I call the MailHelper form above
    visit edit_password_url(reset_password_token: token)
    fill_in "user_password", :with => "foobar"
    fill_in "user_password_confirmation", :with => "foobar1"
    find('.signup_firm').find(".submit").click
    page.should have_content("Password confirmation doesn't match Password")
  end
 end

這將照顧規範,使其在瀏覽器中工作,看看Dave的答案如下。

原始問題

在我的rails 4應用程序中,我已將設備升級到3.1並運行rails s ,然後我得到了這個:

`raise_no_secret_key': Devise.secret_key was not set. 
 Please add the following to your Devise initializer: (RuntimeError)
 config.secret_key = '--secret--'

我將密鑰添加到設計初始化程序。

在此之後,當我嘗試重置密碼時出現以下錯誤

Reset password token is invalid

似乎在電子郵件中發送的令牌不正確。 其他一切都在發揮作用。 我像溫暖的刀槽黃油一樣進出。

更新

現在我想它必須是一個加密reset_password_token東西來自功能規範:

user = FactoryGirl.create(:user, 
 :reset_password_token => "something", 
 :reset_password_sent_at => 1.hour.ago)
visit edit_password_url(user, :reset_password_token => 
  user.reset_password_token)
fill_in "user_password", :with => "foobar"
click_button "Change my password"
page.should have_content("Password confirmation doesn't match Password")

發生的錯誤是:

Failure/Error: page.should have_content
("Password confirmation doesn't match Password")        
expected to find text "Password confirmation doesn't match Password" in 
"Reset password token is invalid"

關於我缺少的任何想法?




我在規格上有這個錯誤。 我試圖在User上手動設置reset_password_token ,所以我可以將令牌傳遞給edit_user_password_path 。 但是,重置令牌會被哈希處理,因此手動設置它將不起作用。 哎呀! 為了避免這個錯誤,我將reset_token設置reset_token等於user.send_reset_password_instructions返回的實際令牌。

工作規範:

require 'spec_helper'

feature 'User resets password' do
  scenario 'fills out reset form' do
    user = create(:user)
    reset_token = user.send_reset_password_instructions
    new_password = 'newpassword!'
    visit edit_user_password_path(user, reset_password_token: reset_token)

    fill_in :user_password, with: new_password
    fill_in :user_password_confirmation, with: new_password
    click_button 'Change my password'

    expect(page).to have_content(
      'Your password was changed successfully. You are now signed in.'
    )
  end
end



正如其他人所指出的那樣:原因是需要改變生成包含重置密碼鏈接的郵件的視圖。

我看到了這個錯誤,因為我還在使用devise-i18n-views gem,它會生成舊的鏈接。 刪除那個寶石並依賴現在屬於devise-i18n gem的視圖解決了我的問題。




Related