app/controllers/users/passwords_controller.rb in lesli-5.0.3 vs app/controllers/users/passwords_controller.rb in lesli-5.0.4

@@ -1,34 +1,74 @@
 # frozen_string_literal: true
 
 class Users::PasswordsController < Devise::PasswordsController
-  # GET /resource/password/new
-  # def new
-  #   super
-  # end
 
-  # POST /resource/password
-  # def create
-  #   super
-  # end
+    # Sends an email with a token, so the user can reset their password
+    def create
 
-  # GET /resource/password/edit?reset_password_token=abcdef
-  # def edit
-  #   super
-  # end
+        if params[:user].blank?
+            #Account::Activity.log("core", "/password/create", "password_creation_failed", "no_valid_email")
+            return respond_with_error(I18n.t("core.shared.messages_warning_user_not_found"))
+        end
 
-  # PUT /resource/password
-  # def update
-  #   super
-  # end
+        if params[:user][:email].blank?
+            #Account::Activity.log("core", "/password/create", "password_creation_failed", "no_valid_email")
+            return respond_with_error(I18n.t("core.shared.messages_warning_user_not_found"))
+        end
 
-  # protected
+        user = Lesli::User.find_by(:email => params[:user][:email])
 
-  # def after_resetting_password_path_for(resource)
-  #   super(resource)
-  # end
+        if user.blank?
+            # Account::Activity.log("core", "/password/create", "password_creation_failed", "no_valid_email", {
+            #     email: (params[:user][:email] || "")
+            # })
+            return respond_with_error(I18n.t("core.shared.messages_warning_user_not_found"))
+        end
 
-  # The path used after sending reset password instructions
-  # def after_sending_reset_password_instructions_path_for(resource_name)
-  #   super(resource_name)
-  # end
+        unless user.active
+            # user.logs.create({title: "password_creation_failed", description: "user_not_active"})
+            # Account::Activity.log("core", "/password/create", "password_creation_failed", "user_not_active")
+            return respond_with_error(I18n.t("core.users/passwords.messages_danger_inactive_user"))
+        end
+
+        token = user.generate_password_reset_token
+
+        #user.logs.create({ title: "password_creation_successful" })
+
+        # begin
+        #     #UserMailer.with(user: user, token: token).reset_password_instructions.deliver_now
+             #super()
+        Lesli::DeviseMailer.reset_password_instructions(user, token)
+        respond_with_successful
+        # rescue => exception
+        #     #Honeybadger.notify(exception)
+        #     respond_with_error(exception.message)
+        # end
+
+    end
+
+    def update
+        super do |resource|
+
+            # check if password update was ok
+            if resource.errors.empty?
+
+                # reset password expiration due the user just updated his password
+                if resource.has_expired_password?
+                    resource.update(password_expiration_at: nil)
+                end
+
+                resource.logs.create(title: "password_reset_successful")
+
+                return respond_with_successful
+
+            else
+
+                resource.logs.create(title: "password_reset_error") if resource.id
+
+                return respond_with_error(resource.errors.full_messages.to_sentence)
+
+            end
+
+        end
+    end
 end