# frozen_string_literal: true
# Controller for the password reset flow: requesting reset instructions
# (new/create) and setting a new password from the emailed link (edit/update).
class Devise::PasswordsController < DeviseController
  # Prepended, so it runs ahead of the other before actions on this controller.
  prepend_before_action :require_no_authentication
  # #edit is rendered only when the request carries a reset token, i.e. when
  # it comes from a reset password email link.
  append_before_action :assert_reset_token_passed, only: :edit

  # GET /resource/password/new
  #
  # Exposes a blank resource for the "request reset instructions" form.
  def new
    self.resource = resource_class.new
  end

  # POST /resource/password
  #
  # Hands the submitted params to resource_class.send_reset_password_instructions,
  # yields the resulting resource to an optional block, then responds based on
  # successfully_sent?.
  #
  # NOTE(review): successfully_sent? is defined outside this file. If the
  # response must not reveal whether an account exists, confirm how it treats
  # unknown accounts (presumably governed by Devise.paranoid - verify).
  # NOTE(review): nothing in this action throttles requests; confirm that rate
  # limiting is applied elsewhere so reset emails cannot be requested in bulk.
  def create
    self.resource = resource_class.send_reset_password_instructions(resource_params)
    yield resource if block_given?

    return respond_with(resource) unless successfully_sent?(resource)

    redirect_target = after_sending_reset_password_instructions_path_for(resource_name)
    respond_with({}, location: redirect_target)
  end

  # GET /resource/password/edit?reset_password_token=abcdef
  #
  # Builds a blank resource and copies the token from the request onto it; the
  # token is not validated here.
  #
  # The token arrives in the query string, so it can end up in server logs,
  # browser history and Referer headers sent from this page.
  # NOTE(review): confirm the parameter is filtered from logs and that the
  # page's referrer policy keeps it from third-party hosts.
  def edit
    self.resource = resource_class.new
    set_minimum_password_length
    token = params[:reset_password_token]
    resource.reset_password_token = token
  end

  # PUT /resource/password
  #
  # Delegates the reset to resource_class.reset_password_by_token and yields
  # the resource to an optional block. When the resource has errors the form
  # is answered again; otherwise the resource is unlocked (if unlockable?) and,
  # when Devise.sign_in_after_reset_password is set, signed in.
  #
  # NOTE(review): with sign_in_after_reset_password enabled, a valid reset
  # token leads straight to a signed-in session. Applications that add further
  # sign-in factors should confirm this path still enforces them.
  def update
    self.resource = resource_class.reset_password_by_token(resource_params)
    yield resource if block_given?

    unless resource.errors.empty?
      set_minimum_password_length
      return respond_with(resource)
    end

    resource.unlock_access! if unlockable?(resource)

    if Devise.sign_in_after_reset_password
      notice_key =
        if resource.active_for_authentication?
          :updated
        else
          :updated_not_active
        end
      set_flash_message!(:notice, notice_key)
      sign_in(resource_name, resource)
    else
      set_flash_message!(:notice, :updated_not_active)
    end

    respond_with resource, location: after_resetting_password_path_for(resource)
  end

  protected

  # Path used after a successful reset: the after-sign-in path when the
  # resource is signed in automatically, otherwise the new session path.
  def after_resetting_password_path_for(resource)
    if Devise.sign_in_after_reset_password
      after_sign_in_path_for(resource)
    else
      new_session_path(resource_name)
    end
  end

  # The path used after sending reset password instructions.
  # Returns nil for non-navigational formats.
  def after_sending_reset_password_instructions_path_for(resource_name)
    return unless is_navigational_format?

    new_session_path(resource_name)
  end

  # Check that a reset_password_token is present in the request; when it is
  # blank, set an alert and redirect to the new session path.
  # Only presence is checked here, not whether the token is valid.
  def assert_reset_token_passed
    return unless params[:reset_password_token].blank?

    set_flash_message(:alert, :no_token)
    redirect_to new_session_path(resource_name)
  end

  # Check that the Lockable methods are present on the resource and that the
  # :email unlock strategy is enabled, which allows unlocking the resource on
  # password reset.
  def unlockable?(resource)
    lockable_api_present =
      resource.respond_to?(:unlock_access!) &&
      resource.respond_to?(:unlock_strategy_enabled?)

    lockable_api_present && resource.unlock_strategy_enabled?(:email)
  end

  # Scope under which this controller's messages are looked up.
  def translation_scope
    'devise.passwords'
  end
end