Contents

# frozen_string_literal: true

module DeviseSecurity::Patches
  module PasswordsControllerSecurityQuestion
    extend ActiveSupport::Concern
    included do
      define_method :create do
        # only find via email, not login
        resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)

        if valid_captcha_or_security_question?(resource, params)
          self.resource = resource_class.send_reset_password_instructions(params[resource_name])
          if successfully_sent?(resource)
            respond_with({}, location: new_session_path(resource_name))
          else
            respond_with(resource)
          end
        else
          flash[:alert] = t('devise.invalid_security_question') if is_navigational_format?
          respond_with({}, location: new_password_path(resource_name))
        end
      end
    end
  end
end

Version data entries

9 entries across 9 versions & 1 rubygems

Version	Path
devise-security-0.17.0	lib/devise-security/patches/passwords_controller_security_question.rb
devise-security-0.16.0	lib/devise-security/patches/passwords_controller_security_question.rb
devise-security-0.15.0	lib/devise-security/patches/passwords_controller_security_question.rb
devise-security-0.14.3	lib/devise-security/patches/passwords_controller_security_question.rb
devise-security-0.14.2	lib/devise-security/patches/passwords_controller_security_question.rb
devise-security-0.14.1	lib/devise-security/patches/passwords_controller_security_question.rb
devise-security-0.14.0	lib/devise-security/patches/passwords_controller_security_question.rb
devise-security-0.14.0.rc1	lib/devise-security/patches/passwords_controller_security_question.rb
devise-security-0.13.0	lib/devise-security/patches/passwords_controller_security_question.rb