Sha256: 4984d75e6445588f6c789fbca3991d52ec92f34aa3fd9ef0112a37ca360a3502
Contents?: true
Size: 1.66 KB
Versions: 6
Compression:
Stored size: 1.66 KB
Contents
class Identity::PasswordResetsController < ApplicationController
skip_before_action :authenticate
<% if options.lockable? -%>
before_action :require_locking, only: :create
<% end -%>
before_action :set_<%= singular_table_name %>, only: %i[ edit update ]
def new
end
def edit
end
def create
if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
redirect_to sign_in_path, notice: "Check your email for reset instructions"
else
redirect_to new_identity_password_reset_path, alert: "You can't reset your password until you verify your email"
end
end
def update
if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
redirect_to sign_in_path, notice: "Your password was reset successfully. Please sign in"
else
render :edit, status: :unprocessable_entity
end
end
private
def set_<%= singular_table_name %>
@<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: :password_reset)
rescue
redirect_to new_identity_password_reset_path, alert: "That password reset link is invalid"
end
def <%= "#{singular_table_name}_params" %>
params.permit(:password, :password_confirmation)
end
<% if options.lockable? %>
def require_locking
Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
redirect_to new_identity_password_reset_path, alert: "You've exceeded the maximum number of attempts"
end
end
<% end -%>
end
Version data entries
6 entries across 6 versions & 1 rubygems