使用Devise与Omniauth我成功地允许用户使用他们的Facebook帐户登录。在Omniauth wiki的帮助下,我还能够禁用在编辑帐户时输入密码。
我遇到的当前问题是,如果他们通过Facebook注册,则将密码字段隐藏在我的registrations#edit视图中。作为两个宝石的新手我还在努力调整。因此,在设置必要的辅助方法时,我有点不知所措。
根据维基的指示,这是我的注册控制器的样子:
class RegistrationsController < Devise::RegistrationsController
before_filter :configure_permitted_parameters, if: :devise_controller?
def update
@user = User.find(current_user.id)
successfully_updated = if needs_password?(@user, params)
@user.update_with_password(devise_parameter_sanitizer.sanitize(:account_update))
else
# remove the virtual current_password attribute
# update_without_password doesn't know how to ignore it
params[:user].delete(:current_password)
@user.update_without_password(devise_parameter_sanitizer.sanitize(:account_update))
end
if successfully_updated
set_flash_message :notice, :updated
# Sign in the user bypassing validation in case their password changed
sign_in @user, :bypass => true
redirect_to after_update_path_for(@user)
else
render "edit"
end
end
private
# check if we need password to update user data
# ie if password or email was changed
# extend this as needed
def needs_password?(user, params)
user.email != params[:user][:email] ||
params[:user][:password].present? ||
params[:user][:password_confirmation].present?
end
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) do |u|
u.permit(:first_name, :last_name, :email, :password, :password_confirmation)
end
devise_parameter_sanitizer.for(:account_update) do |u|
u.permit(:first_name, :last_name, :email, :password, :password_confirmation)
end
end
end
这是我的registrations#edit观点:
<% provide :title, 'Edit Profile' %>
<h2>Edit <%= resource_name.to_s.humanize %></h2>
<%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %>
<%= devise_error_messages! %>
<div><%= f.label :first_name %><br />
<%= f.text_field :first_name %></div>
<div><%= f.label :last_name %><br />
<%= f.text_field :last_name %></div>
<div><%= f.label :email %><br />
<%= f.email_field :email %></div>
<% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
<div>Currently waiting confirmation for: <%= resource.unconfirmed_email %></div>
<% end %>
<div><%= f.label :password %> <i>(leave blank if you don't want to change it)</i><br />
<%= f.password_field :password, autocomplete: "off" %></div>
<div><%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation, autocomplete: "off" %></div>
<div><%= f.label :current_password %> <i>(we need your current password to confirm your changes)</i><br />
<%= f.password_field :current_password, autocomplete: "off" %></div>
<div><%= f.submit "Update" %></div>
<% end %>
UPDATE
经过一些广泛的研究后,我能够找到一个question,它隐藏了输入字段(问题中倒数第二个评论)。唯一的问题是,由于某种原因,它会触发密码验证错误,尽管它不存在...
<div>
<%= f.label :first_name %><br />
<%= f.text_field :first_name %>
</div>
<div>
<%= f.label :last_name %><br />
<%= f.text_field :last_name %>
</div>
<% if user_signed_in? && !current_user.provider == 'facebook' %>
<div>
<%= f.label :email %><br />
<%= f.email_field :email %>
</div>
<% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
<div>Currently waiting confirmation for: <%= resource.unconfirmed_email %></div>
<% end %>
<div>
<%= f.label :password %><br />
<%= f.password_field :password %>
</div>
<div>
<%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation %>
</div>
<div>
<%= f.label :current_password %> <i>(we need your current password to confirm your changes)</i><br />
<%= f.password_field :current_password %>
</div>
在搜索完网站后,我终于找到了如何使用它。
我的第一个业务是使用这个devise wiki的注册控制器的第一个代码示例
def update
# For Rails 4
account_update_params = devise_parameter_sanitizer.sanitize(:account_update)
# For Rails 3
# account_update_params = params[:user]
# required for settings form to submit when password is left blank
if account_update_params[:password].blank?
account_update_params.delete("password")
account_update_params.delete("password_confirmation")
end
@user = User.find(current_user.id)
if @user.update_attributes(account_update_params)
set_flash_message :notice, :updated
# Sign in the user bypassing validation in case their password changed
sign_in @user, :bypass => true
redirect_to after_update_path_for(@user)
else
render "edit"
end
end
接下来是添加一个方法来覆盖上面代码上方用户当前密码的验证。特别感谢Lauri Laine在这篇文章中的回答:Editing Users With Devise and Omniauth
# Overwrite update_resource to let users to update their user without giving their password
def update_resource(resource, params)
if current_user.provider == "facebook"
params.delete("current_password")
resource.update_without_password(params)
else
resource.update_with_password(params)
end
end
最后,我不得不将:current_password作为虚拟属性添加到我的用户模型中,一切正常!
attr_accessor :current_password
希望这有助于任何有/将遇到此问题的人。我知道这让我感到困惑了一分钟,但很高兴我能够把它弄清楚。将很快与omniauth的twitter gem一起测试。
这是一种可能的不同方法。
从这个页面:https://github.com/plataformatec/devise/tree/master/app/views/devise我已经将共享和会话文件夹复制到
应用程序/视图/设计/
之后,我能够编辑视图并隐藏我想要的任何内容。