module ApiBlocks::Doorkeeper::Passwords::Controller

Public Instance Methods

access_token(application, user) click to toggle source

Returns a new access token for this user.

# File lib/api_blocks/doorkeeper/passwords/controller.rb, line 141
def access_token(application, user)
  ::Doorkeeper::AccessToken.find_or_create_for(
    application,
    user.id,
    ::Doorkeeper.configuration.default_scopes,
    ::Doorkeeper.configuration.access_token_expires_in,
    true
  )
end
callback() click to toggle source

Handles the redirection from the email towards the application's `redirect_uri`.

# File lib/api_blocks/doorkeeper/passwords/controller.rb, line 84
def callback
  query = {
    reset_password_token: params[:reset_password_token]
  }.to_query

  redirect_to(
    "#{oauth_application.reset_password_uri}?#{query}"
  )
end
create() click to toggle source

Initialize the reset password workflow, sends a reset password email to the user.

# File lib/api_blocks/doorkeeper/passwords/controller.rb, line 70
def create
  user = user_model.send_reset_password_instructions(
    create_params, application: oauth_application
  )

  if successfully_sent?(user)
    render(status: :no_content)
  else
    respond_with(user)
  end
end
create_params() click to toggle source

Create permitted parameters

# File lib/api_blocks/doorkeeper/passwords/controller.rb, line 110
def create_params
  params.require(:user).permit(:email)
end
oauth_application() click to toggle source
# File lib/api_blocks/doorkeeper/passwords/controller.rb, line 151
def oauth_application
  @oauth_application ||= ::Doorkeeper::Application.find_by!(
    uid: params[:client_id]
  )
end
successfully_sent?(user) click to toggle source

Copied over from devise base controller in order to clear user errors if `Devise.paranoid` is active.

# File lib/api_blocks/doorkeeper/passwords/controller.rb, line 123
def successfully_sent?(user)
  if Devise.paranoid
    user.errors.clear
    true
  elsif user.errors.empty?
    true
  end
end
unlockable?(resource) click to toggle source

Copied over from devise base controller in order to determine wether a ser is unlockable or not.

# File lib/api_blocks/doorkeeper/passwords/controller.rb, line 134
def unlockable?(resource)
  resource.respond_to?(:unlock_access!) &&
    resource.respond_to?(:unlock_strategy_enabled?) &&
    resource.unlock_strategy_enabled?(:email)
end
update() click to toggle source

Updates the user password and returns a new Doorkeeper::AccessToken.

# File lib/api_blocks/doorkeeper/passwords/controller.rb, line 95
def update
  user = user_model.reset_password_by_token(update_params)

  return respond_with(user) unless user.errors.empty?

  user.unlock_access! if unlockable?(user)

  respond_with(::Doorkeeper::OAuth::TokenResponse.new(
    access_token(oauth_application, user)
  ).body)
end
update_params() click to toggle source

Update permitted parameters

# File lib/api_blocks/doorkeeper/passwords/controller.rb, line 115
def update_params
  params.require(:user).permit(
    :reset_password_token, :password
  )
end
user_model() click to toggle source

Returns the user model class.

# File lib/api_blocks/doorkeeper/passwords/controller.rb, line 158
def user_model
  raise 'the method `user_model` must be implemented on your password controller'
end