I use devise_security_extension in order to have some password security features in my app.
I use password_expirable in one of my models, and when the password expires it goes to this view and I find no way to edit its content. Do you have any suggestion how I can control this view's HTML?
Currently, the gem will not automatically generate the view for you to edit. I think it's one of the things that people have asked for. In the meantime, you can manually create the file. If you look in the gem's:
devise_security_extension/app/views/devise/password_expired/show.html.erb
You'll see the current template for the view that the gem uses. Copy and paste this file into your views/devise/password_expired/show.html.erb
You'll then be able to edit it the way you'd like.
The file looks like this:
<h2>Renew your password</h2>
<%= form_for(resource, :as => resource_name, :url => [resource_name, :password_expired], :html => { :method => :put }) do |f| %>
<%= devise_error_messages! %>
<p><%= f.label :current_password, "Current password" %><br />
<%= f.password_field :current_password %></p>
<p><%= f.label :password, "New password" %><br />
<%= f.password_field :password %></p>
<p><%= f.label :password_confirmation, "Confirm new password" %><br />
<%= f.password_field :password_confirmation %></p>
<p><%= f.submit "Change my password" %></p>
<% end %>
Related
I have a page which has a login form, as well as a form to register. Here is the code:
<h3>Log In</h2>
<%= form_for Spree::User.new, :as => :spree_user, :url => spree.spree_user_session_path do |f| %>
<%= devise_error_messages! %>
<%= f.email_field :email, placeholder: "Email" %>
<%= f.password_field :password, placeholder: "Password" %>
<div><%= f.submit "Log In", class: "registrationbuttons" %></div>
<% end %>
<h3>Register Now</h2>
<%= form_for Spree::User.new, :as => :spree_user, :url => spree.spree_user_registration_path do |f| %>
<%= f.email_field :email, placeholder: "Email" %>
<%= f.password_field :password, placeholder: "Password" %>
<%= f.password_field :password_confirmation, placeholder: "Confirm Password" %>
<div><%= f.submit "Register", class: "registrationbuttons" %></div>
<% end %>
If a user uses the Log In form, and is asked if they want their browser to remember the password - If they select yes the next time they see this page, fields in the Register Now form (which they may have never user) populate.
How can I ensure only the correct fields get saved?
I found the solution here: http://benjaminjshore.info/2014/05/chrome-auto-fill-honey-pot-hack.html
I added this line:
<input type="password" name="password_fake" id="password_fake" value="" style="display:none;" />
To my 2nd form_for (the fields which were being incorrectly remembered). It now looks like this:
<%= form_for Spree::User.new, :as => :spree_user, :url => spree.spree_user_registration_path do |f| %>
<!-- fake fields are a workaround for chrome autofill getting the wrong fields -->
<input type="password" name="password_fake" id="password_fake" value="" style="display:none;" />
<%= f.email_field :email, placeholder: "Email" %><br>
<%= f.password_field :password, placeholder: "Password" %><br>
<%= f.password_field :password_confirmation, placeholder: "Confirm Password" %><br>
<div><%= f.submit "Register", class: "registrationbuttons" %></div>
<% end %>
Now the field is not remembered.
I have a devise users table with a fully functioning sign in/up form.
What I was wondering was how to have that users form appear on a different table.
For example
users/sign_in works perfectly
but
I want to have that form appear on movies/index
Ive tried adding the form code to the movies/index but i get this error
undefined local variable or method `resource' for #<#<Class:0x00000102cbf0b8>:0x00000103bb6d78>
This is the sign in form
<%= form_for(resource, :as => resource_name, :url => session_path(resource_name)) do |f| %>
<div><%= f.label :email %>
<%= f.email_field :email, :autofocus => true %></div>
<div><%= f.label :password %>
<%= f.password_field :password %></div>
<% if devise_mapping.rememberable? -%>
<div><%= f.check_box :remember_me %> <%= f.label :remember_me %></div>
<% end -%>
<div><%= f.submit "Sign in" %></div>
<% end %>
<%= render "devise/shared/links" %>
Thanks!
You can generate the views (I understand you already did that) and you can override the controllers, or, in your case, you can watch the controllers of Devise, take the code that you need, and in your view call a partial (from the Devise views).
I did something like that a few months ago, but what I did (that I don't fully suggest but I haven't find a better way) was to take the code from the Devise views, and copy the code in another view with some modifications:
<%= form_for(User.new, :as => "user", :url => session_path("user"), :remote => true) do |f| %>
<div><%= f.label :email %><br />
<%= f.email_field :email %></div>
<div><%= f.label :password %><br />
<%= f.password_field :password %></div>
<div><%= f.check_box :remember_me %> <%= f.label :remember_me %></div>
<div><%= f.submit "Sign in" , :class=>"blue_submit_degradiant", :id =>"sign_in_user"%></div>
<% end %>
It works, but the right way is to have a #user instead of User.new
The form path is user/invitations/invitations/edit.html.erb and new.html.erb
Edit.html.erb
<h2><%= t 'devise.invitations.edit.header' %></h2>
<%= form_for resource, :as => resource_name, :url => invitation_path(resource_name), :html => { :method => :put } do |f| %>
<%= devise_error_messages! %>
<%= f.hidden_field :invitation_token %>
<p><%= f.label :username %><br />
<%= f.text_field :username %></p>
<p><%= f.label :password %><br />
<%= f.password_field :password %></p>
<p><%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation %></p>
<p><%= f.submit t("devise.invitations.edit.submit_button") %></p>
<% end %>
I added the following by myself in the edit.html.erb but the form isn't showing up the fields
<p><%= f.label :username %><br />
<%= f.text_field :username %></p>
Please let me know how to deal with this. And customize forms for devise_invitable
I Generated views again by following command:
rails generate devise_invitable:views users
and then found that the nesting done users/invitations/invitaions/edit.html.erb was wrong.
It should be like views/users/invitations/edit.html.erb
This solved my problem and now i am able to customize devise_invitable form.
Your replacement form should go here
app/views/devise/invitations/edit.html.erb
<%-roles = Role.all%>
<%= panel "Edit" do%>
<%= semantic_form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |f| %>
<%= f.error_messages %>
<% f.inputs do %>
<p><%= f.label :password %> <i>(leave blank if you don't want to change it)</i><br />
<%= f.password_field :password %></p>
<p><%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation %></p>
<p><%= f.label :current_password %> <i>(we need your current password to confirm your changes)</i><br />
<%= f.password_field :current_password %></p>
<%=f.input :roles,:collection => Role.all%>
<% end %>
<% f.buttons do %>
<%=f.submit "Update" %></p>
<% end %>
In here, when I don't type any password in, the error message shows but also the role of the user gets changed as well. How do I make it so that the role doesn't change?
The user's role changes are in memory, no in database. You can do model.reload to discard memory changes and reload your user from database if a validation error happens.
for the devise registration form:
<%= form_for(resource, :as => resource_name, :url => registration_path(resource_name)) do |f| %>
<p><%= f.label :email %><br />
<%= f.email_field :email %></p>
<p><%= f.label :password %><br />
<%= f.password_field :password %></p>
<p><%= f.label :password_confirmation %><br />
<%= f.password_field :password_confirmation %></p>
<p><%= f.submit "Sign up", :class => 'button' %></p>
<% end %>
How can I add a remember_me checkbox, that says something like "Keep me logged-in on this computer."
Also, how can I make the default setting checked?
I tried with this but the checkbox is never checked on page load.
<%= f.check_box :remember_me %>
<%= f.label :remember_me, 'Keep me logged-in on this computer.', :style => 'display: inline-block;' %>
Thanks
First check that Devise rememberable is enabled and then add the checkbox with the standard form helper in Rails. To make it enabled by default we pass :checked => "checked" in the options hash:
<% if devise_mapping.rememberable? -%>
<%= f.check_box :remember_me, {:checked => "checked"} %>
<%= f.label :remember_me %>
<% end -%>
Someone pointed out to me recently that the suggested approach above (which does work) is not ideal because a user could un-check 'remember me' but make a mistake with their credentials. When the form re-loads 'remember me' will be checked again and they may not notice.
So you could instead use something like:
<%= f.check_box :remember_me, (resource.remember_me ? {} : { checked: true }) %>
First, take a look at the api
http://api.rubyonrails.org/classes/ActionView/Helpers/FormHelper.html#method-i-check_box
That will be the place to find answers to questions like this.
one of parameters accepted is an options hash, I believe if you pass in something along the lines of :checked => true it will accomplish what you're looking for.
check this Implementation of "Remember me" in a Rails application .