我正在尝试实施:lockable
模块到我的设备如下这个维基 https://github.com/plataformatec/devise/wiki/How-To:-Add-:lockable-to-Users但遇到了一些问题。在开发过程中,当登录尝试超过maximum_attempts
次,failed_attempts
属性得到正确更新并且用户帐户被锁定,但是:
1)尽管config.last_attempt_warning = true
不显示警告消息
2)我得到一个unlock_instructions
电子邮件,但是当我将链接复制粘贴到浏览器中时,我收到一个invalid authorisation token
error.
配置/初始化器/devise.rb
# ==> Configuration for :lockable
config.lock_strategy = :failed_attempts
config.unlock_keys = [:email]
config.unlock_strategy = :email
config.maximum_attempts = 3
config.last_attempt_warning = true
模型/用户.rb
class User < ApplicationRecord
devise :database_authenticatable, :confirmable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :lockable
end
视图/设计/会话/新
= flash[:alert] if flash[:alert]
= flash[:notice] if flash[:notice]
= simple_form_for(resource, as: resource_name, url: session_path(resource_name)) do |f|
.form-inputs
= f.input :email, required: false, autofocus: true
= f.input :password, required: false, autocomplete: "off"
= f.input :remember_me, as: :boolean if devise_mapping.rememberable?
.form-actions
= f.button :submit, "Log in"
db/migrate/YYYYMMDDxxx_add_lockable_to_devise.rb
class AddLockableToUsers < ActiveRecord::Migration[5.2]
def change
add_column :users, :failed_attempts, :integer, default: 0, null: false
add_column :users, :unlock_token, :string
add_column :users, :locked_at, :datetime
add_index :users, :unlock_token, unique: true
end
end
我没有任何待处理的迁移,也尝试重置数据库并重新启动服务器,但没有成功。
关于我做错了什么有什么想法吗?提前致谢。