mirror of
https://github.com/heartcombo/devise.git
synced 2022-11-09 12:18:31 -05:00
a5ba2ac1a8
We need to be sure require_no_authentication runs before other user filters that may call some Devise helper (ie current_xxx). Conflicts: app/controllers/devise/passwords_controller.rb app/controllers/devise/registrations_controller.rb app/controllers/devise/sessions_controller.rb app/controllers/devise/unlocks_controller.rb lib/devise/controllers/internal_helpers.rb test/rails_app/app/controllers/application_controller.rb
41 lines
1.1 KiB
Ruby
41 lines
1.1 KiB
Ruby
class Devise::PasswordsController < ApplicationController
|
|
prepend_before_filter :require_no_authentication
|
|
include Devise::Controllers::InternalHelpers
|
|
|
|
# GET /resource/password/new
|
|
def new
|
|
build_resource
|
|
render_with_scope :new
|
|
end
|
|
|
|
# POST /resource/password
|
|
def create
|
|
self.resource = resource_class.send_reset_password_instructions(params[resource_name])
|
|
|
|
if resource.errors.empty?
|
|
set_flash_message :notice, :send_instructions
|
|
redirect_to new_session_path(resource_name)
|
|
else
|
|
render_with_scope :new
|
|
end
|
|
end
|
|
|
|
# GET /resource/password/edit?reset_password_token=abcdef
|
|
def edit
|
|
self.resource = resource_class.new
|
|
resource.reset_password_token = params[:reset_password_token]
|
|
render_with_scope :edit
|
|
end
|
|
|
|
# PUT /resource/password
|
|
def update
|
|
self.resource = resource_class.reset_password_by_token(params[resource_name])
|
|
|
|
if resource.errors.empty?
|
|
set_flash_message :notice, :updated
|
|
sign_in_and_redirect(resource_name, resource)
|
|
else
|
|
render_with_scope :edit
|
|
end
|
|
end
|
|
end
|