I’d like to force a user to change their password on login (assuming they’ve

Question

0

Editorial Team

Asked: May 21, 20262026-05-21T19:04:47+00:00 2026-05-21T19:04:47+00:00

I’d like to force a user to change their password on login (assuming they’ve

0

I’d like to force a user to change their password on login (assuming they’ve got a certain boolean marker set to true).

Right now I’m trying to do it via a before_filter called change_password_check that’s in ApplicationController.

def change_password_check
  if current_user.change_password == true
    flash[:notice] = "You must be update your password before continuing"
    redirect_to change_password_path
    return false
  end
end

The problem, obviously, is that I get a redirect loop.

So, how can I only do that before_filter if the user is NOT on the change_password_check route (or posting to user#update)?

I’m running Rails 3.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-21T19:04:48+00:00

before_filter :change_password_check, :except => :change_password

You can specify only and except as options to the before_filter. These accept an array of arguments, in the above case, you only have one method you wish to skip, however if you had another method that was to be skipped (your update action), you can do:

before_filter :change_password_check, :except => [:change_password, :update]

Only is the opposite of except, so:

before_filter :change_password_check, :only => :check_me

Would only be run if the method is check_me.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’d like to force a user to change their password on login (assuming they’ve

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply