Unlock user when re-setting password and unlock strategy is :email or :both

app/controllers/devise/passwords_controller.rb

@@ -30,6 +30,7 @@ class Devise::PasswordsController < DeviseController
     self.resource = resource_class.reset_password_by_token(resource_params)
 
     if resource.errors.empty?
+      resource.unlock_access! if unlockable?(resource)
       flash_message = resource.active_for_authentication? ? :updated : :updated_not_active
       set_flash_message(:notice, flash_message) if is_navigational_format?
       sign_in(resource_name, resource)
@@ -53,4 +54,12 @@ class Devise::PasswordsController < DeviseController
         redirect_to new_session_path(resource_name)
       end
     end
+
+    # Check if proper Lockable module methods are present & unlock strategy
+    # allows to unlock resource on password reset
+    def unlockable?(resource)
+      resource.respond_to?(:unlock_access!) &&
+        resource.respond_to?(:unlock_strategy_enabled?) &&
+        resource.unlock_strategy_enabled?(:email)
+    end
 end

test/integration/recoverable_test.rb

@@ -190,15 +190,43 @@ class PasswordTest < ActionController::IntegrationTest
     assert warden.authenticated?(:user)
   end
 
-  test 'does not sign in user automatically after changing its password if it\'s locked' do
+  test 'does not sign in user automatically after changing its password if it\'s locked and unlock strategy is :none or :time' do
-    user = create_user(:locked => true)
+    [:none, :time].each do |strategy|
-    request_forgot_password
+      swap Devise, :unlock_strategy => strategy do
-    reset_password :reset_password_token => user.reload.reset_password_token
+        user = create_user(:locked => true)
+        request_forgot_password
+        reset_password :reset_password_token => user.reload.reset_password_token
 
-    assert_contain 'Your password was changed successfully.'
+        assert_contain 'Your password was changed successfully.'
-    assert_not_contain 'You are now signed in.'
+        assert_not_contain 'You are now signed in.'
-    assert_equal new_user_session_path, @request.path
+        assert_equal new_user_session_path, @request.path
-    assert !warden.authenticated?(:user)
+        assert !warden.authenticated?(:user)
+      end
+    end
+  end
+
+  test 'unlocks and signs in locked user automatically after changing it\'s password if unlock strategy is :email' do
+    swap Devise, :unlock_strategy => :email do
+      user = create_user(:locked => true)
+      request_forgot_password
+      reset_password :reset_password_token => user.reload.reset_password_token
+
+      assert_contain 'Your password was changed successfully.'
+      assert !user.reload.access_locked?
+      assert warden.authenticated?(:user)
+    end
+  end
+
+  test 'unlocks and signs in locked user automatically after changing it\'s password if unlock strategy is :both' do
+    swap Devise, :unlock_strategy => :both do
+      user = create_user(:locked => true)
+      request_forgot_password
+      reset_password :reset_password_token => user.reload.reset_password_token
+
+      assert_contain 'Your password was changed successfully.'
+      assert !user.reload.access_locked?
+      assert warden.authenticated?(:user)
+    end
   end
 
   test 'sign in user automatically and confirm after changing its password if it\'s not confirmed' do