Class: DeviseTokenAuth::PasswordsController
- Inherits:
-
ApplicationController
- Object
- DeviseController
- ApplicationController
- DeviseTokenAuth::PasswordsController
- Defined in:
- app/controllers/devise_token_auth/passwords_controller.rb
Instance Method Summary collapse
-
#create ⇒ Object
this action is responsible for generating password reset tokens and sending emails.
-
#edit ⇒ Object
this is where users arrive after visiting the password reset confirmation link.
- #update ⇒ Object
Methods inherited from ApplicationController
#resource_data, #resource_errors
Instance Method Details
#create ⇒ Object
this action is responsible for generating password reset tokens and sending emails
11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 |
# File 'app/controllers/devise_token_auth/passwords_controller.rb', line 11 def create return render_create_error_missing_email unless resource_params[:email] @email = get_case_insensitive_field_from_resource_params(:email) @resource = find_resource(:uid, @email) if @resource yield @resource if block_given? @resource.send_reset_password_instructions( email: @email, provider: 'email', redirect_url: @redirect_url, client_config: params[:config_name] ) if @resource.errors.empty? return render_create_success else render_create_error @resource.errors end else render_not_found_error end end |
#edit ⇒ Object
this is where users arrive after visiting the password reset confirmation link
37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 |
# File 'app/controllers/devise_token_auth/passwords_controller.rb', line 37 def edit # if a user is not found, return nil @resource = resource_class.with_reset_password_token(resource_params[:reset_password_token]) if @resource && @resource.reset_password_period_valid? client_id, token = @resource.create_token # ensure that user is confirmed @resource.skip_confirmation! if confirmable_enabled? && !@resource.confirmed_at # allow user to change password once without current_password @resource.allow_password_change = true if recoverable_enabled? @resource.save! yield @resource if block_given? = { reset_password: true } redirect_headers = build_redirect_headers(token, client_id, ) redirect_to(@resource.build_auth_url(@redirect_url, redirect_headers)) else render_edit_error end end |
#update ⇒ Object
65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 |
# File 'app/controllers/devise_token_auth/passwords_controller.rb', line 65 def update # make sure user is authorized return unless @resource # make sure account doesn't use oauth2 provider unless @resource.provider == 'email' return render_update_error_password_not_required end # ensure that password params were sent unless password_resource_params[:password] && password_resource_params[:password_confirmation] return render_update_error_missing_password end if @resource.send(resource_update_method, password_resource_params) @resource.allow_password_change = false if recoverable_enabled? @resource.save! yield @resource if block_given? return render_update_success else return render_update_error end end |