tabletop-companion/app/controllers/password_resets_controller.rb

43 lines
1.2 KiB
Ruby

# frozen_string_literal: true
class PasswordResetsController < ApplicationController
skip_before_action :authenticate
def new
reset_session
end
def create
user = User.find_by(username: params[:username])
if user
token = user.generate_token_for(:password_reset)
UserMailer.with(user: user, token: token).password_reset.deliver_later
redirect_to new_session_path, notice: t(".success") and return
end
redirect_to :root, notice: t(".error")
end
def edit
reset_session
@user = User.find_by(username: params[:id])
@token = params[:token]
unless @user == User.find_by_token_for(:password_reset, params[:token])
redirect_to :root, notice: t(".invalid_token") and return
end
end
def update
user = User.find_by(username: params[:id])
unless user == User.find_by_token_for(:password_reset, params[:token])
redirect_to :root, notice: t(".invalid_token") and return
end
if user.update(password: params[:password], password_confirmation: params[:password_confirmation])
redirect_to new_session_path, notice: t(".success")
else
redirect_to :root, notice: t(".error")
end
end
end