heartcombo--devise/app/controllers/devise/unlocks_controller.rb

class Devise::UnlocksController < DeviseController
  prepend_before_filter :require_no_authentication

  # GET /resource/unlock/new
  def new
    self.resource = resource_class.new
  end

  # POST /resource/unlock
  def create
    self.resource = resource_class.send_unlock_instructions(resource_params)

    if successfully_sent?(resource)
      respond_with({}, :location => after_sending_unlock_instructions_path_for(resource))
    else
      respond_with(resource)
    end
  end

  # GET /resource/unlock?unlock_token=abcdef
  def show
    self.resource = resource_class.unlock_access_by_token(params[:unlock_token])

    if resource.errors.empty?
      set_flash_message :notice, :unlocked if is_flashing_format?
      respond_with_navigational(resource){ redirect_to after_unlock_path_for(resource) }
    else
      respond_with_navigational(resource.errors, :status => :unprocessable_entity){ render :new }
    end
  end

  protected

    # The path used after sending unlock password instructions
    def after_sending_unlock_instructions_path_for(resource)
      new_session_path(resource) if is_navigational_format?
    end

    # The path used after unlocking the resource
    def after_unlock_path_for(resource)
      new_session_path(resource)  if is_navigational_format?
    end

end
Make all controllers inherit from a single DeviseController 2011-06-24 15:34:13 -04:00			`class Devise::UnlocksController < DeviseController`
Use prepend_before_filter in require_no_authentication. We need to be sure require_no_authentication runs before other user filters that may call some Devise helper (ie current_xxx). Conflicts: app/controllers/devise/passwords_controller.rb app/controllers/devise/registrations_controller.rb app/controllers/devise/sessions_controller.rb app/controllers/devise/unlocks_controller.rb lib/devise/controllers/internal_helpers.rb test/rails_app/app/controllers/application_controller.rb 2010-03-26 07:26:51 -04:00			`prepend_before_filter :require_no_authentication`
Stub out other views for Registerable. 2010-02-08 13:07:24 -05:00
			`# GET /resource/unlock/new`
			`def new`
Clean up Devise parameter sanitizer 2013-04-14 02:21:46 -04:00			`self.resource = resource_class.new`
Stub out other views for Registerable. 2010-02-08 13:07:24 -05:00			`end`

			`# POST /resource/unlock`
			`def create`
Add resource_params internal helper to param filtering In light of recent discussions around mass assignment security and the alternate solution of using the controller to filter params, not the model, a hook/helper is needed to be able to override how the params are filtered before they are used to build the resource. 2012-05-15 04:07:02 -04:00			`self.resource = resource_class.send_unlock_instructions(resource_params)`
Stub out other views for Registerable. 2010-02-08 13:07:24 -05:00
Change all paranoid settings to behave as success instead of as failure, closes #1375. 2011-10-15 04:51:40 -04:00			`if successfully_sent?(resource)`
Change method name 2012-04-22 09:05:26 -04:00			`respond_with({}, :location => after_sending_unlock_instructions_path_for(resource))`
Added paranoid mode to lockable 2011-06-20 22:03:01 -04:00			`else`
Clean up as we don't need to call render_with_scope anymore. 2012-01-02 16:12:09 -05:00			`respond_with(resource)`
Stub out other views for Registerable. 2010-02-08 13:07:24 -05:00			`end`
			`end`
introducing lockable implementation 2009-12-30 12:19:33 -05:00
			`# GET /resource/unlock?unlock_token=abcdef`
			`def show`
Clean up lockable and class methods API. 2010-03-10 10:13:54 -05:00			`self.resource = resource_class.unlock_access_by_token(params[:unlock_token])`
introducing lockable implementation 2009-12-30 12:19:33 -05:00
			`if resource.errors.empty?`
Separate redirects and flash messages in navigational_formats and flashing_formats 2013-11-01 16:47:40 -04:00			`set_flash_message :notice, :unlocked if is_flashing_format?`
Added after_unlock_path_for to allow override of redirect after account unlock 2012-04-17 07:38:50 -04:00			`respond_with_navigational(resource){ redirect_to after_unlock_path_for(resource) }`
introducing lockable implementation 2009-12-30 12:19:33 -05:00			`else`
Get rid of InternalHelpers, refactor scoped views for more performant behavior. 2012-01-02 16:01:28 -05:00			`respond_with_navigational(resource.errors, :status => :unprocessable_entity){ render :new }`
introducing lockable implementation 2009-12-30 12:19:33 -05:00			`end`
			`end`
Added after_sending_reset_unlock_instructions_path_for which can be overridden in extensions to modify the redirect path 2012-04-17 04:04:06 -04:00
			`protected`

			`# The path used after sending unlock password instructions`
Change method name 2012-04-22 09:05:26 -04:00			`def after_sending_unlock_instructions_path_for(resource)`
No redirect when Devise API is accessed via JSON 2013-05-07 04:18:23 -04:00			`new_session_path(resource) if is_navigational_format?`
Added after_sending_reset_unlock_instructions_path_for which can be overridden in extensions to modify the redirect path 2012-04-17 04:04:06 -04:00			`end`

Added after_unlock_path_for to allow override of redirect after account unlock 2012-04-17 07:38:50 -04:00			`# The path used after unlocking the resource`
			`def after_unlock_path_for(resource)`
No redirect when Devise API is accessed via JSON 2013-05-07 04:18:23 -04:00			`new_session_path(resource) if is_navigational_format?`
Added after_unlock_path_for to allow override of redirect after account unlock 2012-04-17 07:38:50 -04:00			`end`

introducing lockable implementation 2009-12-30 12:19:33 -05:00			`end`