has_secure_password 不能使用 key_digest 而不是 password_digest 吗?

编程问答 2022-04-28

问题描述

我正在尝试将 bcrpyt 与 has_secure_password 一起使用,但我使用的是 key_digest,而不是 password_digest 属性。因为 has_secure_password 的文档允许我们使用任何 XXX_digest。( https://api.rubyonrails.org/classes/ActiveModel/SecurePassword/ClassMethods.html#method-i-has_secure_password )

我使用它是因为系统会生成一个密钥,用户不需要输入任何密码。但是对于这个例子,我只是尝试将密钥加密并保存在数据库中。如果我将密钥更改为密码,它就可以工作。我不确定为什么键不起作用

我收到 NoMethodError in Users#newundefined method "key" for #<User:0x000000000d0beb38>

users_controller.rb

class UsersController < ApplicationController
  def new
    @user = User.new
  end

  def create
    @user = User.new(params[:user])
    if @user.save
      session[:user_id] = @user.id
      redirect_to root_url,notice: "Thank you for signing up!"
    else
      render "new"
    end
  end

  private
  ## Strong Parameters
  def user_params
    params.require(:user).permit(:email,:key_digest,:key)
  end
end

users/new.html.erb

<h1>Sign Up</h1>

<%= form_for @user do |f| %>
  <% if @user.errors.any? %>
    <div class="error_messages">
      <h2>Form is invalid</h2>
      <ul>
        <% @user.errors.full_messages.each do |message| %>
          <li><%= message %></li>
        <% end %>
      </ul>
    </div>
  <% end %>

  <div class="field">
    <%= f.label :email %><br />
    <%= f.text_field :email %>
  </div>
  <div class="field">
    <%= f.label :key %><br />
    <%= f.number_field :key %>
  </div>
  <div class="actions"><%= f.submit "Sign Up" %></div>
<% end %>

20210605052011_create_users.rb

class createusers < ActiveRecord::Migration[6.1]
  def change
    create_table :users do |t|
      t.string :email
      t.string :key_digest

      t.timestamps
    end
  end
end

routes.rb

Rails.application.routes.draw do

  root to: 'static#home'

  get 'static/home'
  get 'static/faq'
  get 'signup',to: 'users#new',as: 'signup'
  get 'login',to: 'sessions#new',as: 'login'
  get 'logout',to: 'sessions#destroy',as: 'logout'

  resources :users
  resources :sessions
  # For details on the DSL available within this file,see https://guides.rubyonrails.org/routing.html
end

解决方法

在您的用户模型中,没有字段 key,因此显示错误。更改您的代码如下以使用哈希密码保存!

将您的 app/views/users/new.html.erb 修改为:

<h1>Sign Up</h1>

<%= form_for @user do |f| %>
  <% if @user.errors.any? %>
    <div class="error_messages">
      <h2>Form is invalid</h2>
      <ul>
        <% @user.errors.full_messages.each do |message| %>
          <li><%= message %></li>
        <% end %>
      </ul>
    </div>
  <% end %>

  <div class="field">
    <%= f.label :email %><br />
    <%= f.text_field :email %>
  </div>
  <div class="field">
    <%= f.label :password %><br />
    <%= f.number_field :password %>
  </div>
  <div class="actions"><%= f.submit "Sign Up" %></div>
<% end %>

使用app/controllers/users_controller.rb

class UsersController < ApplicationController
  def new
    @user = User.new
  end

  def create
    @user = User.new(user_params)
    if @user.save
      session[:user_id] = @user.id
      redirect_to root_url,notice: "Thank you for signing up!"
    else
      render "new"
    end
  end

private
  ## Strong Parameters
  def user_params
    params.require(:user).permit(:email,:password)
  end
end

最后,不要忘记安装 bcrypt gem 并将此内容 app/models/user.rb 设置为:

class User < ApplicationRecord
  has_secure_password
  alias_attribute :password_digest,:key_digest
end

一切都会好起来的! :D

bcryptrubyrubyrubyruby-on-rails