class PasswordResetsController < ApplicationController skip_before_action :authenticate before_action :set_<%= singular_table_name %>, only: %i[ edit update ] def edit render json: { error: "Open this link in your device" }, status: :not_found end def create if @<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email]) PasswordMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).reset.deliver_later else render json: { error: "Sorry, we didn't recognize that email address" }, status: :not_found end end def update if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>) render json: @<%= singular_table_name %> else render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity end end private def set_<%= singular_table_name %> @<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: :password_reset) rescue ActiveSupport::MessageVerifier::InvalidSignature render json: { error: "Your token has expired, please request a new one" }, status: :bad_request end def <%= "#{singular_table_name}_params" %> params.permit(:password, :password_confirmation) end end