Home/ Questions/Q 9129827
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T07:50:12+00:00

I’m making a custom password edit form where I only change the passwords. Here

  • 0

I’m making a custom password edit form where I only change the passwords. Here is my code for the Users controller:

  def change_my_password
    @user = User.find(current_user.id)
  end

  def update_my_password
    @user = User.find(current_user.id)
    #raise @user.inspect
    if @user.update_with_password(params[:user])
      sign_in @user, :bypass => true
      redirect_to users_path, :notice => "Password updated."
    else
      sign_in @user, :bypass => true
      render action: "change_my_password", :alert => "Unable to update user."
    end
  end

This is my user model

class User < ActiveRecord::Base
  rolify
  # Include default devise modules. Others available are:
  # :token_authenticatable, :confirmable,
  # :lockable, :timeoutable and :omniauthable, :registerable,
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable

  # Setup accessible (or protected) attributes for your model
  attr_accessible :role_ids, :password, :password_confirmation, :username, :name, :email, :as => :admin
  attr_accessible :password, :password_confirmation, :username, :name, :email, :remember_me

  #attr_protected :username, :name, :email, :remember_me, :password, :password_confirmation


  validates_uniqueness_of :username
  validates_presence_of :username, :email

  validates_uniqueness_of :email
end

This is my change my password form

= simple_form_for(@user, :url=>update_my_password_user_path(@user), :html => { :method => :put, :class => 'form-vertical' }) do |f|
  = f.error_notification
  = display_base_errors @user
  = f.input :password, :autocomplete => "off", :required => true
  = f.input :password_confirmation, :required => true
  = f.input :current_password, :hint => "we need your current password to confirm your changes", :required => true
  = f.button :submit, 'Update', :class => 'btn-primary'
= link_to "Back", :back

It all seems fine but what happens is – if I enter a wrong password confirmation then I’m prompted for the error however when I submit the form again I’m signed out and the password doesnt change. From the logs it signs me out the first time I submit the form to change the password with a wrong password confirmation. I don’t understand where am I going wrong – I’ve even put in sign_in user to avoid having to sign out but its still not working. Where can I be going wrong here?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Use post method instead of put in routes and view as follows –

    routes.rb

    resources "users" do
    collection do
      get 'change_my_password'
      post 'update_my_password'
    end
  end

    change_my_password.html.erb

      <%= form_for(@user, :url => { :action => "update_my_password" }, :html => {:method => "post"}) do |f| %>

  <%= f.text_field :password, :autocomplete => "off", :required => true %>
  <%= f.text_field :password_confirmation, :required => true %>
  <%= f.text_field :current_password, :hint => "we need your current password to confirm your changes", :required => true %>
  <%= f.submit 'Update', :class => 'btn-primary' %>
<%= link_to "Back", :back %>

<% end %>

    That worked for me with no problems.

    Cheers!

    • 0