Class: Protected::PasswordsController
- Inherits:
-
Devise::PasswordsController
- Object
- Devise::PasswordsController
- Protected::PasswordsController
- Defined in:
- app/controllers/protected/passwords_controller.rb
Instance Method Summary collapse
Instance Method Details
#create ⇒ Object
27 28 29 30 31 32 33 34 35 36 37 |
# File 'app/controllers/protected/passwords_controller.rb', line 27 def create # Refactor Me: # This currently redireccts the user to a success message regardless if the email is in the database or not. # This is done to prevent others from determining what emails are "good" within the system but may confuse # a user who tries to reset their password but uses an incorrect address. Because they know they have an # account and received a success message they will infer the application is broken when no email arrives. self.resource = resource_class.reset_password_and_send_password_instructions(params[resource_name]) flash[:notice] = "Instructions on how to reset your password have been sent to #{resource.email}." redirect_to new_user_session_url end |
#edit ⇒ Object
17 18 19 20 21 22 23 24 25 |
# File 'app/controllers/protected/passwords_controller.rb', line 17 def edit unless params[:reset_password_token].present? flash[:notice] = "A valid password token was not found" redirect_to root_url and return false else self.resource = resource_class.new resource.reset_password_token = params[:reset_password_token] end end |
#new ⇒ Object
13 14 15 |
# File 'app/controllers/protected/passwords_controller.rb', line 13 def new build_resource({}) end |
#update ⇒ Object
3 4 5 6 7 8 9 10 11 |
# File 'app/controllers/protected/passwords_controller.rb', line 3 def update self.resource = resource_class.reset_password_by_token(params[resource_name]) if resource.errors.empty? flash[:notice] = "Your password has been changed, please log in again." sign_out_all_scopes redirect_to new_user_session_url and return false end render :template => 'protected/passwords/edit.html.haml' end |