Sha256: 6a938201785b27890ac89974ca440603842846df705a4bb1fc50ca082b789bc1
Contents?: true
Size: 1.99 KB
Versions: 6
Compression:
Stored size: 1.99 KB
Contents
class Clearance::PasswordsController < ApplicationController unloadable before_filter :forbid_missing_token, :only => [:edit, :update] before_filter :forbid_non_existent_user, :only => [:edit, :update] filter_parameter_logging :password, :password_confirmation def new render :template => 'passwords/new' end def create if user = ::User.find_by_email(params[:password][:email]) user.forgot_password! ::ClearanceMailer.deliver_change_password user flash[:notice] = translate(:deliver_change_password, :scope => [:clearance, :controllers, :passwords], :default => "You will receive an email within the next few minutes. " << "It contains instructions for changing your password.") redirect_to url_after_create else flash.now[:failure] = translate(:unknown_email, :scope => [:clearance, :controllers, :passwords], :default => "Unknown email.") render :template => 'passwords/new' end end def edit @user = ::User.find_by_id_and_token(params[:user_id], params[:token]) render :template => 'passwords/edit' end def update @user = ::User.find_by_id_and_token(params[:user_id], params[:token]) if @user.update_password(params[:user][:password], params[:user][:password_confirmation]) @user.confirm_email! unless @user.email_confirmed? sign_user_in(@user) flash[:success] = translate(:signed_in, :default => "Signed in.") redirect_to url_after_update else render :template => 'passwords/edit' end end private def forbid_missing_token if params[:token].blank? raise ActionController::Forbidden, "missing token" end end def forbid_non_existent_user unless ::User.find_by_id_and_token(params[:user_id], params[:token]) raise ActionController::Forbidden, "non-existent user" end end def url_after_create new_session_url end def url_after_update root_url end end
Version data entries
6 entries across 6 versions & 3 rubygems