Class: Authenticate::PasswordsController

Inherits:
AuthenticateController show all
Defined in:
app/controllers/authenticate/passwords_controller.rb

Overview

Request password change via an emailed link with a unique token. Thanks to devise and Clearance.

Instance Method Summary collapse

Instance Method Details

#createObject

Send password change email.



16
17
18
19
20
21
22
 
# File 'app/controllers/authenticate/passwords_controller.rb', line 16

def create
  if (user = find_user_for_create)
    user.forgot_password!
    deliver_email(user)
  end
  redirect_to , notice: flash_create_description
end

#editObject

Enter a new password.

A get with the token in the url is expected, for example:

GET /users/passwords/3/edit?token=abcdef

Results in a redirect with the token removed from the url & copied to the session:

GET /users/passwords/3/edit



32
33
34
35
36
37
38
39
40
41
42
43
 
# File 'app/controllers/authenticate/passwords_controller.rb', line 32

def edit
  @user = find_user_for_edit

  if params[:token]
    session[:password_reset_token] = params[:token]
    redirect_to url_for
  elsif !@user.reset_password_period_valid?
    redirect_to , notice: flash_failure_token_expired
  else
    render template: 'passwords/edit'
  end
end

#newObject

Display screen to request a password change email.

GET /users/passwords/new



11
12
13
 
# File 'app/controllers/authenticate/passwords_controller.rb', line 11

def new
  render template: 'passwords/new'
end

#updateObject 



45
46
47
48
49
50
51
52
53
54
55
56
57
58
 
# File 'app/controllers/authenticate/passwords_controller.rb', line 45

def update
  @user = find_user_for_update

  if !@user.reset_password_period_valid?
    redirect_to , notice: flash_failure_token_expired
  elsif @user.update_password password_reset_params # password changed, log user back in!
     @user
    redirect_to url_after_update, notice: flash_success_password_changed
  else
    # failed to update password for some reason, perhaps password was too short or otherwise sucked.
    flash.now[:notice] = flash_failure_after_update
    render template: 'passwords/edit'
  end
end