class PasswordResetsController

Public Instance Methods

create() click to toggle source
# File lib/generators/authpro/templates/password_resets_controller.rb, line 5
def create
  user = User.find_by email: params[:email]

  if user
    user.prepare_password_reset
    UserMailer.password_reset(user).deliver
    redirect_to root_url, notice: "Email sent with password reset instructions."
  else
    flash.now.alert = "We could not find anyone with that email address."
    render "new"
  end
end
edit() click to toggle source
# File lib/generators/authpro/templates/password_resets_controller.rb, line 18
def edit
  @user = User.find_by! password_reset_token: params[:id]
end
new() click to toggle source
# File lib/generators/authpro/templates/password_resets_controller.rb, line 2
def new
end
update() click to toggle source
# File lib/generators/authpro/templates/password_resets_controller.rb, line 22
def update
  @user = User.find_by! password_reset_token: params[:id]
  if @user.password_reset_sent_at < 20.hours.ago
    redirect_to new_password_reset_path, alert: "Password reset has expired."
  elsif @user.update_attributes(user_params)
    redirect_to root_url, notice: "Password has been reset."
  else
    render :edit
  end
end

Private Instance Methods

user_params() click to toggle source

Never trust parameters from the scary internet, only allow the white list through.

# File lib/generators/authpro/templates/password_resets_controller.rb, line 35
def user_params
  params.require(:user).permit(:password, :password_confirmation)
end