Sha256: b65ee201d7cb8c0411f1b78ea53a25b102592675bd799c1b5fb26ff8e41ae3e6

Contents?: true

Size: 1.1 KB

Versions: 4

Compression:

Stored size: 1.1 KB

Contents

class Identity::PasswordResetsController < ApplicationController
  skip_before_action :authenticate

  <%- if options.lockable? -%>
  before_action :require_lock, only: :create
  <%- end -%>
  before_action :set_user, only: :update

  def edit
    head :no_content
  end

  def create
    if @user = User.find_by(email: params[:email], verified: true)
      UserMailer.with(user: @user).password_reset.deliver_later
    else
      render json: { error: "You can't reset your password until you verify your email" }, status: :bad_request
    end
  end

  def update
    if @user.update(user_params)
      revoke_tokens; render(json: @user)
    else
      render json: @user.errors, status: :unprocessable_entity
    end
  end

  private
    def set_user
      @token = PasswordResetToken.find_signed!(params[:sid]); @user = @token.user
    rescue StandardError
      render json: { error: "That password reset link is invalid" }, status: :bad_request
    end

    def user_params
      params.permit(:password, :password_confirmation)
    end

    def revoke_tokens
      @user.password_reset_tokens.delete_all
    end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
authentication-zero-2.16.19 lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt
authentication-zero-2.16.18 lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt
authentication-zero-2.16.17 lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt
authentication-zero-2.16.16 lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt