Class: PasswordResetsController

Inherits:
ApplicationController show all
Defined in:
app/controllers/password_resets_controller.rb

Instance Method Summary collapse

Methods inherited from ApplicationController

#robot?

Instance Method Details

#createObject

Create new password reset request


10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
# File 'app/controllers/password_resets_controller.rb', line 10

def create
  @user = User.find_by_email(params[:primaryEmail])
  @active_directory_services = ActiveDirectory.new

  if verify_recaptcha(:model => @user, :attribute => "verification code")
    if @user && @user.personal_email == params[:personalEmail]
      @active_directory_services.send_password_reset_token(@user)
    else
      flash[:error] = "Your entries do not match records"
      redirect_to new_password_reset_path and return
    end
    redirect_to root_url, :notice => "Password reset instructions have been sent to your secondary email account."
  else
    flash[:error] = "Verification code is wrong"
    redirect_to new_password_reset_path
  end
end

#editObject

Display edit form with password reset token link


29
30
31
32
33
# File 'app/controllers/password_resets_controller.rb', line 29

def edit
  @user = User.find_by_password_reset_token!(params[:id])
rescue ActiveRecord::RecordNotFound
  redirect_to new_password_reset_path, :flash => {:error => "Password reset link has expired."}
end

#indexObject

Display new password reset page


5
6
7
# File 'app/controllers/password_resets_controller.rb', line 5

def index
  redirect_to new_password_reset_path
end

#updateObject

Do actual password reset


36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
# File 'app/controllers/password_resets_controller.rb', line 36

def update
  @user = User.find_by_password_reset_token!(params[:id])
  @active_directory_services = ActiveDirectory.new
  respond_to do |format|
    if @user.password_reset_sent_at > 2.hours.ago
      if params[:newPassword]
        if @active_directory_services.reset_password(@user, params[:newPassword]) == "Success"
          flash[:notice] = "Password has been reset!"
          format.html { redirect_to root_url }
        else
          flash[:error]="Password reset was unsuccessful."
          redirect_to edit_password_reset_path and return
        end
      end
    else
      flash[:error] = "Password reset link has expired."
      format.html { redirect_to new_password_reset_path }
    end
  end
end