Contents

class PasswordsController < ApplicationController
  allow_unauthenticated_access
  before_action :set_user_by_token, only: %i[ edit update ]

  def new
  end

  def create
    if user = User.find_by(email_address: params[:email_address])
      PasswordsMailer.reset(user).deliver_later
    end

    redirect_to new_session_url, notice: "Password reset instructions sent (if user with that email address exists)."
  end

  def edit
  end

  def update
    if @user.update(params.permit(:password, :password_confirmation))
      redirect_to new_session_url, notice: "Password has been reset."
    else
      redirect_to edit_password_url(params[:token]), alert: "Passwords did not match."
    end
  end

  private
    def set_user_by_token
      @user = User.find_by_password_reset_token!(params[:token])
    rescue ActiveSupport::MessageVerifier::InvalidSignature
      redirect_to new_password_url, alert: "Password reset link is invalid or has expired."
    end
end

Version data entries

7 entries across 7 versions & 2 rubygems

Version	Path
railties-8.0.0.rc1	lib/rails/generators/rails/authentication/templates/app/controllers/passwords_controller.rb.tt
railties-8.0.0.beta1	lib/rails/generators/rails/authentication/templates/controllers/passwords_controller.rb
omg-railties-8.0.0.alpha9	lib/rails/generators/rails/authentication/templates/controllers/passwords_controller.rb
omg-railties-8.0.0.alpha8	lib/rails/generators/rails/authentication/templates/controllers/passwords_controller.rb
omg-railties-8.0.0.alpha7	lib/rails/generators/rails/authentication/templates/controllers/passwords_controller.rb
omg-railties-8.0.0.alpha4	lib/rails/generators/rails/authentication/templates/controllers/passwords_controller.rb
omg-railties-8.0.0.alpha3	lib/rails/generators/rails/authentication/templates/controllers/passwords_controller.rb