module Devise::Models::Recoverable
Recoverable
takes care of resetting the user password and send reset instructions.
Options¶ ↑
Recoverable
adds the following options to devise_for:
* +reset_password_keys+: the keys you want to use when recovering the password for an account
Examples¶ ↑
# resets the user password and save the record, true if valid passwords are given, otherwise false User.find(1).reset_password!('password123', 'password123') # only resets the user password, without saving the record user = User.find(1) user.reset_password('password123', 'password123') # creates a new token and send it with instructions about how to reset the password User.find(1).send_reset_password_instructions
Public Class Methods
# File lib/devise/models/recoverable.rb, line 27 def self.required_fields(klass) [:reset_password_sent_at, :reset_password_token] end
Public Instance Methods
Update password saving the record and clearing token. Returns true if the passwords are valid and the record was saved, false otherwise.
# File lib/devise/models/recoverable.rb, line 33 def reset_password!(new_password, new_password_confirmation) self.password = new_password self.password_confirmation = new_password_confirmation if valid? clear_reset_password_token after_password_reset end save end
Checks if the reset password token sent is within the limit time. We do this by calculating if the difference between today and the sending date does not exceed the confirm in time configured. Returns true if the resource is not responding to reset_password_sent_at at all. reset_password_within is a model configuration, must always be an integer value.
Example:
# reset_password_within = 1.day and reset_password_sent_at = today reset_password_period_valid? # returns true # reset_password_within = 5.days and reset_password_sent_at = 4.days.ago reset_password_period_valid? # returns true # reset_password_within = 5.days and reset_password_sent_at = 5.days.ago reset_password_period_valid? # returns false # reset_password_within = 0.days reset_password_period_valid? # will always return false
# File lib/devise/models/recoverable.rb, line 74 def reset_password_period_valid? reset_password_sent_at && reset_password_sent_at.utc >= self.class.reset_password_within.ago end
Resets reset password token and send reset password instructions by email. Returns the token sent in the e-mail.
# File lib/devise/models/recoverable.rb, line 47 def send_reset_password_instructions token = set_reset_password_token send_reset_password_instructions_notification(token) token end
Protected Instance Methods
A callback initiated after password is successfully reset. This can be used to insert your own logic that is only run after the user successfully resets their password.
Example:
def after_password_reset self.update_attribute(:invite_code, nil) end
# File lib/devise/models/recoverable.rb, line 96 def after_password_reset end
Removes reset_password token
# File lib/devise/models/recoverable.rb, line 81 def clear_reset_password_token self.reset_password_token = nil self.reset_password_sent_at = nil end
# File lib/devise/models/recoverable.rb, line 108 def send_reset_password_instructions_notification(token) send_devise_notification(:reset_password_instructions, token, {}) end
# File lib/devise/models/recoverable.rb, line 99 def set_reset_password_token raw, enc = Devise.token_generator.generate(self.class, :reset_password_token) self.reset_password_token = enc self.reset_password_sent_at = Time.now.utc self.save(validate: false) raw end