Contents

class Devise::PasswordExpiredController < DeviseController
  skip_before_filter :handle_password_change
  before_filter :skip_password_change, only: [:show, :update]
  prepend_before_filter :authenticate_scope!, :only => [:show, :update]

  def show
    respond_with resource do |format|
      format.html
      format.json {render json: {error: 'Your password is expired. Please renew your password.'}, status: :forbidden}
    end
  end

  def update
    # resource.extend(Devise::Models::DatabaseAuthenticatablePatch)
    if resource.update(resource_params.merge(current_password_required: true))
      warden.session(scope)['password_expired'] = false
      set_flash_message :notice, :updated
      sign_in scope, resource, :bypass => true
      redirect_to mnoe_home_path
    else
      clean_up_passwords(resource)
      respond_with(resource, action: :show)
    end
  end

  private

  def skip_password_change
    return if !resource.nil? && resource.need_change_password?
    redirect_to :root
  end

  def resource_params
    permitted_params = [:current_password, :password, :password_confirmation]

    if params.respond_to?(:permit)
      params.require(resource_name).permit(*permitted_params)
    else
      params[scope].slice(*permitted_params)
    end
  end

  def scope
    resource_name.to_sym
  end

  def authenticate_scope!
    send(:"authenticate_#{resource_name}!")
    self.resource = send("current_#{resource_name}")
  end
end

Version data entries

2 entries across 2 versions & 1 rubygems

Version	Path
mno-enterprise-api-3.4.0	app/controllers/devise/password_expired_controller.rb
mno-enterprise-api-3.3.3	app/controllers/devise/password_expired_controller.rb