Class: DeviseTokenAuth::PasswordsController
- Inherits:
-
ApplicationController
- Object
- DeviseController
- ApplicationController
- DeviseTokenAuth::PasswordsController
- Defined in:
- app/controllers/devise_token_auth/passwords_controller.rb
Instance Method Summary collapse
-
#create ⇒ Object
this action is responsible for generating password reset tokens and sending emails.
-
#edit ⇒ Object
this is where users arrive after visiting the password reset confirmation link.
- #update ⇒ Object
Methods inherited from ApplicationController
#resource_data, #resource_errors
Instance Method Details
#create ⇒ Object
this action is responsible for generating password reset tokens and sending emails
9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
# File 'app/controllers/devise_token_auth/passwords_controller.rb', line 9 def create return render_create_error_missing_email unless resource_params[:email] @email = get_case_insensitive_field_from_resource_params(:email) @resource = find_resource(:uid, @email) if @resource yield @resource if block_given? @resource.send_reset_password_instructions( email: @email, provider: 'email', redirect_url: @redirect_url, client_config: params[:config_name] ) if @resource.errors.empty? return render_create_success else render_create_error @resource.errors end else render_not_found_error end end |
#edit ⇒ Object
this is where users arrive after visiting the password reset confirmation link
35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 |
# File 'app/controllers/devise_token_auth/passwords_controller.rb', line 35 def edit # if a user is not found, return nil @resource = resource_class.with_reset_password_token(resource_params[:reset_password_token]) if @resource && @resource.reset_password_period_valid? token = @resource.create_token unless require_client_password_reset_token? # ensure that user is confirmed @resource.skip_confirmation! if confirmable_enabled? && !@resource.confirmed_at # allow user to change password once without current_password @resource.allow_password_change = true if recoverable_enabled? @resource.save! yield @resource if block_given? if require_client_password_reset_token? redirect_to DeviseTokenAuth::Url.generate(@redirect_url, reset_password_token: resource_params[:reset_password_token]), else if DeviseTokenAuth. (@resource, token) end = { reset_password: true } redirect_headers = build_redirect_headers(token.token, token.client, ) redirect_to(@resource.build_auth_url(@redirect_url, redirect_headers), ) end else render_edit_error end end |
#update ⇒ Object
72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 |
# File 'app/controllers/devise_token_auth/passwords_controller.rb', line 72 def update # make sure user is authorized if require_client_password_reset_token? && resource_params[:reset_password_token] @resource = resource_class.with_reset_password_token(resource_params[:reset_password_token]) return unless @resource @token = @resource.create_token else @resource = set_user_by_token end return unless @resource # make sure account doesn't use oauth2 provider unless @resource.provider == 'email' return render_update_error_password_not_required end # ensure that password params were sent unless password_resource_params[:password] && password_resource_params[:password_confirmation] return render_update_error_missing_password end if @resource.send(resource_update_method, password_resource_params) @resource.allow_password_change = false if recoverable_enabled? @resource.save! yield @resource if block_given? return render_update_success else return render_update_error end end |