class PasswordResetsController < ApplicationController
  skip_before_action :authenticate
  before_action :set_<%= singular_table_name %>, only: %i[ edit update ]

  def new
  end

  def edit
  end

  def create
    if @<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
      PasswordMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).reset.deliver_later
      redirect_to sign_in_path, notice: "You will receive an email with instructions on how to reset your password in a few minutes"
    else
      redirect_to new_password_resets_path, alert: "The email address doesn't exist in our database"
    end
  end

  def update
    if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
      redirect_to sign_in_path, notice: "Your password was reset successfully. Please sign in"
    else
      render :edit, status: :unprocessable_entity
    end
  end

  private
    def set_<%= singular_table_name %>
      @<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: "password_reset")
    rescue ActiveSupport::MessageVerifier::InvalidSignature
      redirect_to new_password_resets_path, alert: "Your token has expired, please request a new one"
    end

    def <%= "#{singular_table_name}_params" %>
      params.require(:<%= singular_table_name %>).permit(:password, :password_confirmation)
    end
end