Sha256: 4cba427563a82c28fbc51ef52a6d351f1023a1239a91980875f84965abe21eb2
Contents?: true
Size: 781 Bytes
Versions: 3
Compression:
Stored size: 781 Bytes
Contents
# :namespace
module Tokens
# Lets the user to change their password without knowing the old one.
class PasswordReset < Tokens::OneTime
# Decent compromise between convenience and security.
self.expires_after = 3.days
# Blanks the user's old password, so the new password form won't ask for it.
#
# Returns the token instance.
def spend
self.transaction do
if credential = password_credential
credential.destroy
end
super
end
end
# The credential that is removed by this token.
#
# This method might return nil if a user initiates password recovery multiple
# times.
def password_credential
user.credentials.find { |c| c.is_a? Credentials::Password }
end
end # class Tokens::PasswordReset
end # namespace Tokens
Version data entries
3 entries across 3 versions & 1 rubygems
| Version | Path |
|---|---|
| authpwn_rails-0.13.2 | app/models/tokens/password_reset.rb |
| authpwn_rails-0.13.1 | app/models/tokens/password_reset.rb |
| authpwn_rails-0.13.0 | app/models/tokens/password_reset.rb |