Sha256: e98e4be788b4a943069634df9d432bdf1cd60615794e0babe4d2c494366e6090
Contents?: true
Size: 1023 Bytes
Versions: 1
Compression:
Stored size: 1023 Bytes
Contents
class Identity::PasswordResetsController < ApplicationController
skip_before_action :authenticate
<%- if options.lockable? -%>
rate_limit to: 10, within: 1.hour, only: :create
<%- end -%>
before_action :set_user, only: :update
def edit
head :no_content
end
def create
if @user = User.find_by(email: params[:email], verified: true)
UserMailer.with(user: @user).password_reset.deliver_later
else
render json: { error: "You can't reset your password until you verify your email" }, status: :bad_request
end
end
def update
if @user.update(user_params)
render json: @user
else
render json: @user.errors, status: :unprocessable_entity
end
end
private
def set_user
@user = User.find_by_token_for!(:password_reset, params[:sid])
rescue StandardError
render json: { error: "That password reset link is invalid" }, status: :bad_request
end
def user_params
params.permit(:password, :password_confirmation)
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| authentication-zero-4.0.0 | lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt |