Pt-I-1
Arash attempted:
I used filters again. At first I edited UsersController like this:
    class UsersController < ApplicationController
      before_filter :ensure_authentication, :only => :update
      ...
Then I edited the application controller and added the following method to it:
    private
    def ensure_authentication
      unless flash[:auth]
        redirect_to login_url, notice: 'Authentication is required!'
      end
    end
And finally I updated the “create” action in SessionController like this:
    def create
      user = User.find_by_name(params[:name])
      if user and user.authenticate(params[:password])
        if session[:user_id]
          flash[:auth] = true
          redirect_to users_url, notice: "User's password updated"
        else
          session[:user_id] = user.id
          redirect_to admin_url
        end
      else
        redirect_to login_url, notice: "Username/password combination is wrong"
      end
    end
and everything works perfectly! :)
somebody
I did something different:
In the users_controllers.rb
    def edit
      @user = User.find(params[:id])
      params[:action] = :edit
    end
    def update
      @user = User.find(params[:id])
      if @user.authenticate(params:user)
        params[:user].delete :current_password
        respond_to do |format|
          if @user.update_attributes(params[:user])
            format.html { redirect_to users_url, notice: "User #{@user.name} was successfully updated." }
            format.json { head :ok }
          else
            format.html { render action: "edit" }
            format.json { render json: @user.errors, status: :unprocessable_entity }
          end
        end
      else
        redirect_to edit_user_path(@user), notice: 'Current password is incorrect'
      end
    end
in the _form.html.erb (users) I added:
    <% if params[:action] == :edit %>
      <%= f.label :current_password, 'Current password' %>
      <%= f.password_field :current_password, size: 40 %>
    <% end %>
in the edit.html.erb (users) I added:
    <% if notice %>
      <%= notice %>
    <% end %>
The following line doesn’t display correctly in the browser:
    if @user.authenticate(params:user)
Instead it should look like this:
    if @user.authenticate(params[:user][:current_password])
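
Added example (not part of either post above): the current-password check from the second post as plain Ruby that runs without Rails. DemoUser and update_user are hypothetical names, and PBKDF2 from the standard library stands in for the bcrypt digest behind has_secure_password. It goes slightly beyond the post by handling a missing user form and by passing on only an allowlist of attributes.

```ruby
require "openssl"
require "securerandom"

# Stand-in for a has_secure_password model (assumption: PBKDF2 from the
# standard library replaces bcrypt so the example runs without gems).
class DemoUser
  attr_reader :name

  def initialize(name, password)
    @name = name
    @salt = SecureRandom.random_bytes(16)
    @digest = derive(password)
  end

  # True only when the candidate is a non-empty string matching the digest.
  def authenticate(candidate)
    return false unless candidate.is_a?(String) && !candidate.empty?
    secure_equal?(derive(candidate), @digest)
  end

  def update_attributes(attrs)
    @name = attrs[:name] if attrs[:name]
    @digest = derive(attrs[:password]) if attrs[:password]
    true
  end

  private

  def derive(password)
    OpenSSL::PKCS5.pbkdf2_hmac(password, @salt, 10_000, 32, OpenSSL::Digest.new("SHA256"))
  end

  # Constant-time comparison of two digests.
  def secure_equal?(a, b)
    a.bytesize == b.bytesize && a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end

# Mirrors the update action: re-check the current password, then pass on
# only the permitted attributes (current_password never reaches the model).
def update_user(user, params)
  form = params[:user].is_a?(Hash) ? params[:user] : {}
  return :current_password_incorrect unless user.authenticate(form[:current_password])
  user.update_attributes(form.select { |k, _| %i[name password].include?(k) })
  :updated
end
```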

