如何“安全"地更改用户的电子邮件地址? [英] How to change email address of a user in devise "safely"?

问题描述

默认情况下，devise 使用电子邮件地址进行注册和登录.

By default, devise uses an email address for sign up and sign in.

但我希望用户可以更改电子邮件地址.

But I want that the email address should be allowed to be changed by the user.

如果我允许用​​户编辑电子邮件地址，而用户指定了一个不正确"(即错误拼写)的电子邮件地址，然后用户退出，并且用户也忘记了什么输入错误的电子邮件是，现在用户无法访问用户帐户！

If I allow the user to edit the email address, and the user specifies an "incorrect" (i.e. a typo by mistake) email address and then user signs out, and the user also forgets what the typo'ed email was, now the user account is inaccessible by the user!

如何最好地解决这个问题?(除了创建一个单独的、不可更改的用户名字段，它将始终允许用户登录)

How to best work around this? (except for creating a separate, unchangeable username field that will always allow user to login)

推荐答案

如果用户更改电子邮件，您可以强制用户再次确认其帐户.

You can force the user to confirm his account again if he changes his email.

一旦您更新了相关用户的密码，您需要取消确认该用户，然后重新发送确认邮件.

Once, you updated the password of the concerned user, you need to un-confirm the user, and then re-send the confirmation email.

取消用户确认:

user = User.find(1)
if user.confirmed?
  user.confirmed_at = nil
  user.save(:validate => false)
end

要重新发送电子邮件确认:

To resend the email confirmation :

user = User.find(1)
user.send_confirmation_instructions

希望对您有所帮助！

这篇关于如何“安全"地更改用户的电子邮件地址?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！