Class: PasswordsController

Inherits:
Devise::PasswordsController
  • Object
show all
Includes:
Gitlab::Tracking::Helpers::WeakPasswordErrorEvent, GitlabRecaptcha
Defined in:
app/controllers/passwords_controller.rb

Instance Method Summary collapse

Methods included from Gitlab::Tracking::Helpers::WeakPasswordErrorEvent

#track_weak_password_error

Methods included from GitlabRecaptcha

#load_recaptcha

Methods included from RecaptchaHelper

#recaptcha_enabled?, #recaptcha_enabled_on_login?

Instance Method Details

#editObject

rubocop: disable CodeReuse/ActiveRecord



18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
 
# File 'app/controllers/passwords_controller.rb', line 18

def edit
  super
  reset_password_token = Devise.token_generator.digest(
    User,
    :reset_password_token,
    resource.reset_password_token
  )

  unless reset_password_token.nil?
    user = User.where(
      reset_password_token: reset_password_token
    ).first_or_initialize

    unless user.reset_password_period_valid?
      flash[:alert] = _('Your password reset token has expired.')
      redirect_to(new_user_password_url(user_email: user['email']))
    end
  end
end

#updateObject

rubocop: enable CodeReuse/ActiveRecord



39
40
41
42
43
44
45
46
47
48
49
50
 
# File 'app/controllers/passwords_controller.rb', line 39

def update
  super do |resource|
    if resource.valid?
      resource.password_automatically_set = false
      resource.password_expires_at = nil
      resource.save(validate: false) if resource.changed?
    else
      log_audit_reset_failure(@user)
      track_weak_password_error(@user, self.class.name, 'create')
    end
  end
end