如何更改“安全”设计用户的电子邮件地址？ [英] How to change email address of a user in devise "safely"?

问题描述

默认情况下，设计使用电子邮件地址注册并登录。

By default, devise uses an email address for sign up and sign in.

但是我希望用户可以更改电子邮件地址。

But I want that the email address should be allowed to be changed by the user.

如果我允许用​​户编辑电子邮件地址，并且用户指定不正确（即错误输入错误）电子邮件地址，然后用户注销，和，用户也会忘记输入的电子邮件是什么，现在是用户帐户用户无法访问！

If I allow the user to edit the email address, and the user specifies an "incorrect" (i.e. a typo by mistake) email address and then user signs out, and the user also forgets what the typo'ed email was, now the user account is inaccessible by the user!

如何最好地解决这个问题？ （除了创建一个永远允许用户登录的单独的，不可更改的用户名字段）

How to best work around this? (except for creating a separate, unchangeable username field that will always allow user to login)

推荐答案

您可以强制用户确认如果他更改了他的电子邮件，他的帐户再次。

You can force the user to confirm his account again if he changes his email.

一旦更新了相关用户的密码，您需要取消确认用户，然后重新发送确认电子邮件。

Once, you updated the password of the concerned user, you need to un-confirm the user, and then re-send the confirmation email.

要取消确认用户：

user = User.find(1)
if user.confirmed?
  user.confirmed_at = nil
  user.save(:validate => false)
end

要重新发送电子邮件确认：

To resend the email confirmation :

user = User.find(1)
user.send_confirmation_instructions

希望这个帮助！

这篇关于如何更改“安全”设计用户的电子邮件地址？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！