Password recovery in Ruby on Rails

Question

Hi when I try to reset password I get this error:

ArgumentError in PasswordResetsController#create

wrong number of arguments (1 for 0)

app/models/user.rb:48:in create_remember_token app/models/user.rb:40:insend_password_reset app/controllers/password_resets_controller.rb:7:in `create'

class PasswordResetsController < ApplicationController
  def new
  end

  def create
    user = User.find_by_email(params[:email])
    user.send_password_reset if user
    redirect_to root_url
  end

  def edit
    @user = User.find_by_password_reset_token!(params[:id])
  end

  def update
    @user = User.find_by_password_reset_token!(params[:id])
    if @user.password_reset_sent_at < 2.hours.ago
      redirect_to new_password_reset_path, :alert => "Password &crarr; 
        reset has expired."
    elsif @user.update_attributes(params[:user])
      redirect_to root_url, :notice => "Password has been reset."
    else
      render :edit
    end
end
end



class User < ActiveRecord::Base
  attr_accessible :email, :lname, :name, :password, :password_confirmation
  has_secure_password
  before_save { |user| user.email = email.downcase }
  before_save :create_remember_token

  validates :name, presence: true, length: { maximum: 50 }
  validates :lname, presence: true, length: { maximum: 50 }
  VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
  validates :email, presence: true, format: { with: VALID_EMAIL_REGEX },
                    uniqueness: { case_sensitive: false }
  validates :password, presence: true, :on => :create
  validates :password, length: { minimum: 6 }, :allow_blank => true
  validates :password_confirmation, presence: true, :on => :create



  def send_password_reset
    create_remember_token(:password_reset_token)
    self.password_reset_sent_at = Time.zone.now
    save!
    UserMailer.password_reset(self).deliver
  end

  private

    def create_remember_token
      self.remember_token = SecureRandom.urlsafe_base64
    end
end

Have anybody an Idea why?

Answer 1

found a solution in railscasts

added to before_save remember_token and changed create_remember_token

I don't know it's right? but it works

    class User < ActiveRecord::Base
  attr_accessible :email, :lname, :name, :password, :password_confirmation
  has_secure_password

  before_save { |user| user.email = email.downcase }
  before_save { create_remember_token(:remember_token) }

  validates :name, presence: true, length: { maximum: 50 }
  validates :lname, presence: true, length: { maximum: 50 }
  VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
  validates :email, presence: true, format: { with: VALID_EMAIL_REGEX },
                    uniqueness: { case_sensitive: false }
  validates :password, presence: true, :on => :create
  validates :password, length: { minimum: 6 }, :allow_blank => true
  validates :password_confirmation, presence: true, :on => :create

  def send_password_reset
    create_remember_token(:password_reset_token)
    self.password_reset_sent_at = Time.zone.now
    save!
    UserMailer.password_reset(self).deliver
  end



    def create_remember_token(column)
     begin
      self[column] = SecureRandom.urlsafe_base64
     end while User.exists?(column => self[column])
    end
end

Answer 2

You're calling create_remember_token(:password_reset_token) when the method definition of create_remember_token accepts no paramaters.

In other words change

create_remember_token(:password_reset_token)

to

create_remember_token

in your send_password_reset method