Class: SimpleShowcaseAdmin::PasswordResetsController
- Inherits:
-
ApplicationController
- Object
- ActionController::Base
- ApplicationController
- SimpleShowcaseAdmin::PasswordResetsController
- Defined in:
- app/controllers/simple_showcase_admin/password_resets_controller.rb
Instance Method Summary collapse
-
#create ⇒ Object
request password reset.
-
#edit ⇒ Object
This is the reset password form.
-
#update ⇒ Object
This action fires when the user has sent the reset password form.
Methods inherited from ApplicationController
Instance Method Details
#create ⇒ Object
request password reset. you get here when the user entered his email in the reset password form and submitted it.
7 8 9 10 11 12 13 14 15 16 |
# File 'app/controllers/simple_showcase_admin/password_resets_controller.rb', line 7 def create @user = SimpleShowcaseAdmin::User.find_by_email(params[:email]) # This line sends an email to the user with instructions on how to reset their password (a url with a random token) @user.deliver_reset_password_instructions! if @user # Tell the user instructions have been sent whether or not email was found. # This is to not leak information to attackers about which emails exist in the system. redirect_to(login_path, :notice => 'Instructions have been sent to your email.') end |
#edit ⇒ Object
This is the reset password form.
19 20 21 22 23 |
# File 'app/controllers/simple_showcase_admin/password_resets_controller.rb', line 19 def edit @user = SimpleShowcaseAdmin::User.load_from_reset_password_token(params[:id]) @token = params[:id] not_authenticated unless @user end |
#update ⇒ Object
This action fires when the user has sent the reset password form.
26 27 28 29 30 31 32 33 34 35 36 37 38 |
# File 'app/controllers/simple_showcase_admin/password_resets_controller.rb', line 26 def update @token = params[:token] @user = SimpleShowcaseAdmin::User.load_from_reset_password_token(params[:token]) not_authenticated unless @user # the next line makes the password confirmation validation work @user.password_confirmation = params[:user][:password_confirmation] # the next line clears the temporary token and updates the password if @user.change_password!(params[:user][:password]) redirect_to(root_path, :notice => 'Password was successfully updated.') else render :action => "edit" end end |