Class: DeviseTokenAuth::PasswordsController
- Inherits:
-
ApplicationController
- Object
- DeviseController
- ApplicationController
- DeviseTokenAuth::PasswordsController
- Defined in:
- app/controllers/devise_token_auth/passwords_controller.rb
Instance Method Summary collapse
-
#create ⇒ Object
this action is responsible for generating password reset tokens and sending emails.
-
#edit ⇒ Object
this is where users arrive after visiting the password reset confirmation link.
- #update ⇒ Object
Methods inherited from ApplicationController
#resource_data, #resource_errors
Instance Method Details
#create ⇒ Object
this action is responsible for generating password reset tokens and sending emails
10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 |
# File 'app/controllers/devise_token_auth/passwords_controller.rb', line 10 def create return render_create_error_missing_email unless resource_params[:email] # give redirect value from params priority @redirect_url = params.fetch( :redirect_url, DeviseTokenAuth.default_password_reset_url ) return render_create_error_missing_redirect_url unless @redirect_url return render_create_error_not_allowed_redirect_url if blacklisted_redirect_url? @email = get_case_insensitive_field_from_resource_params(:email) @resource = find_resource(:uid, @email) if @resource yield @resource if block_given? @resource.send_reset_password_instructions( email: @email, provider: 'email', redirect_url: @redirect_url, client_config: params[:config_name] ) if @resource.errors.empty? return render_create_success else render_create_error @resource.errors end else render_not_found_error end end |
#edit ⇒ Object
this is where users arrive after visiting the password reset confirmation link
45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 |
# File 'app/controllers/devise_token_auth/passwords_controller.rb', line 45 def edit # if a user is not found, return nil @resource = with_reset_password_token(resource_params[:reset_password_token]) if @resource && @resource.reset_password_period_valid? client_id, token = @resource.create_token # ensure that user is confirmed @resource.skip_confirmation! if confirmable_enabled? && !@resource.confirmed_at # allow user to change password once without current_password @resource.allow_password_change = true if recoverable_enabled? @resource.save! yield @resource if block_given? = { reset_password: true } redirect_headers = build_redirect_headers(token, client_id, ) redirect_to(@resource.build_auth_url(params[:redirect_url], redirect_headers)) else render_edit_error end end |
#update ⇒ Object
73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 |
# File 'app/controllers/devise_token_auth/passwords_controller.rb', line 73 def update # make sure user is authorized return unless @resource # make sure account doesn't use oauth2 provider unless @resource.provider == 'email' return render_update_error_password_not_required end # ensure that password params were sent unless password_resource_params[:password] && password_resource_params[:password_confirmation] return render_update_error_missing_password end if @resource.send(resource_update_method, password_resource_params) @resource.allow_password_change = false if recoverable_enabled? @resource.save! yield @resource if block_given? return render_update_success else return render_update_error end end |