[Rails] form_for validation it doesn't work

Ruby on Rails Sunday, October 28, 2012

Hello Guys I have the following problem. I made a controller to reset the password of a user.


Here is the controller:

class PasswordResetsController < ApplicationController

layout "sessions"
  def new
  end
  
  def create
  user = User.find_by_email!(params[:password_resets][:email] )
  user.send_password_reset if user
    redirect_to root_url, :notice => "Las instrucciones para reestrablecer la contrasena fueron enviadas."
  end
  
  def edit
  @user = User.find_by_password_reset_token!(params[:id])
  end
  
  def update
  @user = User.find_by_password_reset_token!(params[:id])
  if @user.password_reset_at < (2.hours.ago).to_date
  redirect_to new_password_reset_path, :alert => "El link para actualizar la contrasena ha expirado."
  elsif @user.update_attributes(params[:user])
  @user.reset_password_token
  redirect_to root_url, :notice => "La contrasena ha sido cambiada."
  else
  render :edit
  end
  end
  
end


Here is the model:

class User < ActiveRecord::Base
  attr_accessible :email, :password, :password_confirmation
  has_secure_password
  
  before_save { |user| user.email = email.downcase }
  before_save :create_remember_token
  
  VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
  validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: { case_sensitive: false }
  validates :password, presence: true, length: { minimum: 6 }, confirmation: true, unless: Proc.new { |a| !a.new_record? && a.password.blank? }
  
def send_password_reset
self.password_reset_token = SecureRandom.urlsafe_base64
self.password_reset_at = Time.zone.now
save!
UserMailer.password_reset(self).deliver
end
def reset_password_token
self.password_reset_token = nil
self.password_reset_at = nil
save!
end
  
  private
 
  def create_remember_token
  self.remember_token = SecureRandom.urlsafe_base64
  end
  
end


Basically this is my problem:

the user click on the link that he receive in his email, then user, use the form of the edit password_reset form to reset his password, everything works great, except the following issues; if the user leave the password field and the password_confirmation field in blank, the form_for didn't validate and save the user with a blank password. I don't know how to fix this. Does anybody has an idea?

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/IYetAvDMgrEJ.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

Posted by Ruby on Rails at 3:43 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)