Fix logic password, new_password

4a1c68f8 · Huỳnh Thiên Phước · 771ad7d0 · 4a1c68f8 · 4a1c68f8 · 4a1c68f8
Commit 4a1c68f8 authored Aug 18, 2020 by Huỳnh Thiên Phước
Hide whitespace changes
Inline Side-by-side

Showing with 15 additions and 18 deletions

app/controllers/users_controller.rb
+10 -13

app/models/user.rb
+1 -1

app/views/users/my_info.html.erb
+4 -4

No files found.
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -7,18 +7,13 @@ class UsersController < ApplicationController
  end

  def update
-    user_params.delete(:password) if user_params[:password].blank?
-    if BCrypt::Password.new(current_user.password_digest) != condition_update[:oldpassword]
-      flash.now[:danger] = 'Old Password is mismatch'
+    if current_user.authenticate(params[:user][:password])
+      return respond_to { |format| format.js } unless current_user.update_attributes(user_params)
+
+      flash[:success] = 'Updated Successfully'
+      redirect_to my_page_path
    else
-      if current_user.update_attributes(user_params)
-        flash[:success] = 'Updated Successfully'
-        redirect_to my_page_path
-      else
-        respond_to do |format|
-          format.js
-        end
-      end
+      flash.now[:danger] = 'Password is mismatch'
    end
  end

@@ -31,10 +26,12 @@ class UsersController < ApplicationController
  end

  def user_params
+    params[:user][:password] = change_pass_param[:new_password] if change_pass_param[:new_password].present?
    params.require(:user).permit(:name, :email, :cv_user, :password)
  end

-  def condition_update
-    params.require(:user).permit(:oldpassword)
+  def change_pass_param
+    params.require(:user).permit(:new_password)
  end
 end
+
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -18,7 +18,7 @@ class User < ApplicationRecord
    uniqueness: { case_sensitive: false }

  PASSWORD_FORMAT = /\A(?=.{6,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])/x
-  validates :password, allow_nil: true, format: { with: PASSWORD_FORMAT, message: "is too short or not strength" }
+  validates :password, format: { with: PASSWORD_FORMAT, message: "is too short or not strength" }

  def self.new_remember_token
    SecureRandom.urlsafe_base64

--- a/app/views/users/my_info.html.erb
+++ b/app/views/users/my_info.html.erb
@@ -32,18 +32,18 @@
        </div>
        <div class="new-password-field">
          <div class="col-4-sm">
-            <%= f.label :password, 'New Password' %>
+            <%= f.label :new_password, 'New Password' %>
          </div>
          <div class="col-8-sm">
-            <%= f.password_field :password, class: 'input-new-password' %>
+            <%= f.password_field :new_password, class: 'input-new-password' %>
          </div>
        </div>
        <div class="old-password-field">
          <div class="col-4-sm">
-            <%= f.label :oldpassword, 'Old Password' %>
+            <%= f.label :password, 'Old Password' %>
          </div>
          <div class="col-8-sm">
-            <%= f.password_field :oldpassword, class: 'input-old-password' %>
+            <%= f.password_field :password, class: 'input-old-password' %>
          </div>
        </div>