Sha256: 4b8d44c0ee9fec5575f8a25e22cd173e51be93cb79a1ec33f5f08eab9eeda553
Contents?: true
Size: 853 Bytes
Versions: 3
Compression:
Stored size: 853 Bytes
Contents
# :namespace
module Tokens
# Lets the user to change their password without knowing the old one.
class PasswordReset < Tokens::OneTime
# Password reset tokens only work this much time after they've been issued.
self.expires_after = Authpwn::Engine.config.authpwn.password_reset_expiration
# Blanks the user's old password, so the new password form won't ask for it.
#
# Returns the token instance.
def spend
self.transaction do
if credential = password_credential
credential.destroy
end
super
end
end
# The credential that is removed by this token.
#
# This method might return nil if a user initiates password recovery multiple
# times.
def password_credential
user.credentials.where(type: 'Credentials::Password').first
end
end # class Tokens::PasswordReset
end # namespace Tokens
Version data entries
3 entries across 3 versions & 1 rubygems
| Version | Path |
|---|---|
| authpwn_rails-0.23.0 | app/models/tokens/password_reset.rb |
| authpwn_rails-0.22.1 | app/models/tokens/password_reset.rb |
| authpwn_rails-0.22.0 | app/models/tokens/password_reset.rb |