Module: Devise::Models::Recoverable
- Extended by:
- ActiveSupport::Concern
- Defined in:
- lib/devise/models/recoverable.rb
Overview
Recoverable takes care of resetting the user password and send reset instructions.
Options
Recoverable adds the following options to devise_for:
* +reset_password_keys+: the keys you want to use when recovering the password for an account
* +reset_password_within+: the time period within which the password must be reset or the token expires.
* +sign_in_after_reset_password+: whether or not to sign in the user automatically after a password reset.
Examples
# resets the user password and save the record, true if valid passwords are given, otherwise false
User.find(1).reset_password('password123', 'password123')
# creates a new token and send it with instructions about how to reset the password
User.find(1).send_reset_password_instructions
Defined Under Namespace
Modules: ClassMethods
Class Method Summary collapse
Instance Method Summary collapse
-
#clear_reset_password_token ⇒ Object
protected
Removes reset_password token.
-
#reset_password(new_password, new_password_confirmation) ⇒ Object
Update password saving the record and clearing token.
- #reset_password!(new_password, new_password_confirmation) ⇒ Object
-
#reset_password_period_valid? ⇒ Boolean
Checks if the reset password token sent is within the limit time.
-
#send_reset_password_instructions ⇒ Object
Resets reset password token and send reset password instructions by email.
- #send_reset_password_instructions_notification(token) ⇒ Object protected
- #set_reset_password_token ⇒ Object protected
Class Method Details
.required_fields(klass) ⇒ Object
25 26 27 |
# File 'lib/devise/models/recoverable.rb', line 25 def self.required_fields(klass) [:reset_password_sent_at, :reset_password_token] end |
Instance Method Details
#clear_reset_password_token ⇒ Object (protected)
Removes reset_password token
92 93 94 95 |
# File 'lib/devise/models/recoverable.rb', line 92 def clear_reset_password_token self.reset_password_token = nil self.reset_password_sent_at = nil end |
#reset_password(new_password, new_password_confirmation) ⇒ Object
Update password saving the record and clearing token. Returns true if the passwords are valid and the record was saved, false otherwise.
39 40 41 42 43 44 45 46 47 48 49 |
# File 'lib/devise/models/recoverable.rb', line 39 def reset_password(new_password, new_password_confirmation) self.password = new_password self.password_confirmation = new_password_confirmation if respond_to?(:after_password_reset) && valid? ActiveSupport::Deprecation.warn "after_password_reset is deprecated" after_password_reset end save end |
#reset_password!(new_password, new_password_confirmation) ⇒ Object
51 52 53 54 |
# File 'lib/devise/models/recoverable.rb', line 51 def reset_password!(new_password, new_password_confirmation) ActiveSupport::Deprecation.warn "reset_password! is deprecated in favor of reset_password" reset_password(new_password, new_password_confirmation) end |
#reset_password_period_valid? ⇒ Boolean
Checks if the reset password token sent is within the limit time. We do this by calculating if the difference between today and the sending date does not exceed the confirm in time configured. Returns true if the resource is not responding to reset_password_sent_at at all. reset_password_within is a model configuration, must always be an integer value.
Example:
# reset_password_within = 1.day and reset_password_sent_at = today
reset_password_period_valid? # returns true
# reset_password_within = 5.days and reset_password_sent_at = 4.days.ago
reset_password_period_valid? # returns true
# reset_password_within = 5.days and reset_password_sent_at = 5.days.ago
reset_password_period_valid? # returns false
# reset_password_within = 0.days
reset_password_period_valid? # will always return false
85 86 87 |
# File 'lib/devise/models/recoverable.rb', line 85 def reset_password_period_valid? reset_password_sent_at && reset_password_sent_at.utc >= self.class.reset_password_within.ago.utc end |
#send_reset_password_instructions ⇒ Object
Resets reset password token and send reset password instructions by email. Returns the token sent in the e-mail.
58 59 60 61 62 63 |
# File 'lib/devise/models/recoverable.rb', line 58 def send_reset_password_instructions token = set_reset_password_token send_reset_password_instructions_notification(token) token end |
#send_reset_password_instructions_notification(token) ⇒ Object (protected)
106 107 108 |
# File 'lib/devise/models/recoverable.rb', line 106 def send_reset_password_instructions_notification(token) send_devise_notification(:reset_password_instructions, token, {}) end |
#set_reset_password_token ⇒ Object (protected)
97 98 99 100 101 102 103 104 |
# File 'lib/devise/models/recoverable.rb', line 97 def set_reset_password_token raw, enc = Devise.token_generator.generate(self.class, :reset_password_token) self.reset_password_token = enc self.reset_password_sent_at = Time.now.utc self.save(validate: false) raw end |