CODEWITHSUNDEEP
ruby-on-railsruby-on-rails-3
Alain Goldman
Alain Goldman

Reputation: 2908

Rails - How to password reset (without email confirm)

I'm new to rails and I want to offer users the feature to change password in their user page. Requiring their old password and setting a new one. However, I have no idea how to accomplish this.

There is a Railscasts episode on resetting password through email but I dont want to do it with email.

I generated a Password Update controller. But I know I am making a terrible mistake. Hopefully you guys can point it out. And hopefully this question wasn't too confusing.

password updates controller

  class PasswordUpdateController < ApplicationController
  def new
  end

  def update
  end

  def show
    @user = User.find(params[:id]) 
  end
  end

new password_update

 %h1
 = form_for @user, :url => password_update_path(params[:id]) do |f|
   .field
     = f.label :old_password
     = f.password_field :password
   .field
     = f.label :password
     = f.password_field :password
   .field
     = f.label :password_confirmation
     = f.password_field :password_confirmation
   .actions
     = f.submit "Update Password"

Routing Error No route matches [POST] "/password_update/1"

routes.rb

TootApp::Application.routes.draw do

get "sessions/new"

get "static_pages/home"

get "static_pages/help"

get "password_updates/new"

resources :sessions

resources :products

resources :photos

resources :password_update

Upvotes: 0

Views: 192

Answers (1)

Adrian Teh
Adrian Teh

Reputation: 1967

That's not how you should use controllers. Password update should be an 'action' within a 'controller' and that controller, when it comes to user credentials, should rightfully be in the UsersController, where an 'update' action takes in parameters that you post from a form:

class UsersController < ApplicationController
  def update
    @user = User.find(params[:id])
    @user.update_attributes(params[:user])
    ....
  end
end

And in your HTML form, you can just specify:

= form_for @user do |f|
  ...

without even needing to specify the URL, since rails will implicitly provide you with the right URL in the background :)

And make sure to have your 'Routes' correctly setup like so:

resources :users

It basically sets up the RESTful routes for users. You can find out the routes it generates, by running the following in your console:

rake routes

Apart from hooking up your own user credential management features, why not try out the devise gem by Jose Valim, and pair it with SimpleForm gem.

Hope this helps!

Upvotes: 3

Related Questions