43 lines
1.2 KiB
Ruby
43 lines
1.2 KiB
Ruby
|
# frozen_string_literal: true
|
||
|
|
||
|
class PasswordResetsController < ApplicationController
|
||
|
skip_before_action :authenticate
|
||
|
|
||
|
def new
|
||
|
reset_session
|
||
|
end
|
||
|
|
||
|
def create
|
||
|
user = User.find_by(username: params[:username])
|
||
|
if user
|
||
|
token = user.generate_token_for(:password_reset)
|
||
|
UserMailer.with(user: user, token: token).password_reset.deliver_later
|
||
|
redirect_to new_session_path, notice: t(".success") and return
|
||
|
end
|
||
|
|
||
|
redirect_to :root, notice: t(".error")
|
||
|
end
|
||
|
|
||
|
def edit
|
||
|
reset_session
|
||
|
@user = User.find_by(username: params[:id])
|
||
|
@token = params[:token]
|
||
|
unless @user == User.find_by_token_for(:password_reset, params[:token])
|
||
|
redirect_to :root, notice: t(".invalid_token") and return
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def update
|
||
|
user = User.find_by(username: params[:id])
|
||
|
unless user == User.find_by_token_for(:password_reset, params[:token])
|
||
|
redirect_to :root, notice: t(".invalid_token") and return
|
||
|
end
|
||
|
|
||
|
if user.update(password: params[:password], password_confirmation: params[:password_confirmation])
|
||
|
redirect_to new_session_path, notice: t(".success")
|
||
|
else
|
||
|
redirect_to :root, notice: t(".error")
|
||
|
end
|
||
|
end
|
||
|
end
|