Class: PasswordResetsController

Inherits:

ApplicationController

• Object
• ApplicationController
• PasswordResetsController

Defined in:

lib/generators/auth/templates/controllers/password_resets_controller.rb

Overview

app/controllers/password_resets_controller.rb

Instance Method Summary

• #create ⇒ Object

  New version using username.

• #update ⇒ Object

  Actual reset (step 2).

Instance Method Details

#create ⇒ Object

New version using username

# File 'lib/generators/auth/templates/controllers/password_resets_controller.rb', line 7

def create
  user = User.find_by(email: params[:email])
  if user
    user.generate_password_reset_token!
    # Send token via your preferred method (API response, SMS, etc.)
    render json: { 
      message: "Reset instructions sent",
      token: user.reset_token # In production, send this via email/SMS instead
    }
  else
    render json: { error: "Username not found" }, status: :not_found
  end
end

#update ⇒ Object

Actual reset (step 2)

# File 'lib/generators/auth/templates/controllers/password_resets_controller.rb', line 22

def update
  user = User.find_by(reset_token: params[:token])
  if user&.reset_sent_at && !user.password_reset_expired?
    if user.update(password: params[:password], reset_token: nil)
      render json: { message: "Password updated" }
    else
      render json: { errors: user.errors.full_messages }, status: :unprocessable_entity
    end
  else
    render json: { error: "Invalid or expired token" }, status: :unprocessable_entity
  end
end