
Forgot password should be working now....

aslakhellesoy committed Sep 24, 2008
1 parent 9fc1359 commit b0ce1e009da8566a7cb1a891b1f4a256d167cdb2
@@ -368,7 +368,7 @@ def ba_input_tag(tag)
end
end
- [:name, :email, :activation_code].each do |field|
+ [:name, :email, :activation_code, :reset_code].each do |field|
desc %{The #{field} of the recipient.
This tag can only be used in the body section of email parts}
@@ -2,7 +2,7 @@
Your account has been updated
</r:ba:if_flash>
-<form method="post">
+<form method="post" action="<r:page:url/>">
<p><label for="site_user_name">Name</label>
<r:ba:input object="site_user" field="name" type="text">
<r:error/>
@@ -3,7 +3,7 @@ <h3>You are registered, <r:ba:site_user_name /></h3>
We will send you an invoice of <r:ba:attendance:price /> later.
-<form method="post">
+<form method="post" action="<r:page:url/>">
<p><label for="attendance_price_code">Price code</label>
<r:ba:input object="attendance" field="price_code" type="text">
<r:error/>
@@ -2,7 +2,7 @@
We have sent you an email that will allow you to reset the password.
</r:ba:if_flash>
-<form method="post">
+<form method="post" action="<r:page:url/>">
<p>
<label for="email">Email</label><br/>
<input id="email" type="text" name="email" value="<r:ba:request_param name="email" />"/>
@@ -1,4 +1,4 @@
From: "Someone" <someone@somewhere.com>
Subject: Some subject
-Follow this link: http://example.com/account
+Follow this link: http://example.com/account?reset_code=<r:ba:email:site_user:reset_code />
@@ -1,6 +1,6 @@
<h2>Please sign up below</h2>
-<form method="post">
+<form method="post" action="<r:page:url/>">
<p><label for="site_user_name">Name</label>
<r:ba:input object="site_user" field="name" type="text">
<r:error/>
@@ -13,6 +13,7 @@ def process(request, response)
if request.post?
email = request.parameters[:email]
site_user = SiteUser.find_by_email(email)
+ site_user.make_reset_code!
send_reset_password_email(site_user)
controller.redirect_to(self.url)
else
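Review bot: The added `site_user.make_reset_code!` is called on whatever `SiteUser.find_by_email(email)` returned, and that is nil for an address with no account, so a request for an unknown email raises NoMethodError instead of reaching the redirect. Besides the error page, the differing response tells a visitor which addresses are registered. Wrap the two calls in a guard, `if site_user` … `end`, and keep `controller.redirect_to(self.url)` outside it so both cases answer identically. The body of process starts and ends outside this hunk, so send_reset_password_email may already tolerate nil; the new line does not.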
@@ -35,6 +35,21 @@ class SiteUser < ActiveRecord::Base
:phone_number, :title, :role, :company, :billing_address, :billing_area_code,
:billing_city
+ def clear_reset_code!
+ self.reset_code = nil
+ save(false)
+ end
+
+ def recently_reset_password?
+ @reset_code_set
+ end
+
+ def make_reset_code!
+ @reset_code_set = true
+ self.reset_code = self.class.make_token
+ save(false)
+ end
+
# Authenticates a site_user by their email and unencrypted password. Returns the site_user or nil.
#
# uff. this is really an authorization, not authentication routine.
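Review bot: `make_reset_code!` stores the token itself in `reset_code` and records no time of issue, so a code that is never used stays valid indefinitely, and anyone who can read the site_users table can sign in as a user with a pending reset. Storing a digest of the token (and looking it up by the digest of the submitted value) together with an issue time, e.g. `self.reset_code_sent_at = Time.now.utc` (placeholder column name; the migration in this commit adds only `reset_code`), would let authenticate_from_reset_code reject old codes. `self.class.make_token` is defined outside this page, so it is worth confirming that it draws from a cryptographically secure random source. The three methods also lack comments: one should say why `save(false)` bypasses validation, and one that `recently_reset_password?` reads an instance variable that is set only on the object that called `make_reset_code!` and is not persisted.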
@@ -64,6 +64,7 @@ def cache?
session :disabled => false # :on
include AuthenticatedSystem
before_filter :authenticate_from_activation_code
+ before_filter :authenticate_from_reset_code
public :redirect_to, :flash
@@ -78,10 +79,21 @@ def no_login_required?
end
def authenticate_from_activation_code
- if params[:activation_code]
+ if activation_code = params.delete(:activation_code)
logout_keeping_session!
- site_user = SiteUser.find_by_activation_code(params[:activation_code]) unless params[:activation_code].blank?
- if (!params[:activation_code].blank?) && site_user && !site_user.active?
+ site_user = SiteUser.find_by_activation_code(activation_code) unless activation_code.blank?
+ if site_user && !site_user.active?
+ self.current_site_user = site_user
+ end
+ end
+ end
+
+ def authenticate_from_reset_code
+ if reset_code = params.delete(:reset_code)
+ logout_keeping_session!
+ site_user = SiteUser.find_by_reset_code(reset_code) unless reset_code.blank?
+ if site_user
+ site_user.clear_reset_code!
self.current_site_user = site_user
end
end
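Review bot: authenticate_from_reset_code signs the visitor in with `self.current_site_user = site_user` while the pre-existing session is kept (`logout_keeping_session!`, judging by its name), so the session identifier does not appear to be rotated at the moment of authentication; calling `reset_session` just before the assignment would do that, and the same applies to authenticate_from_activation_code earlier in this hunk. The filter runs on every request and reads the code from the query string, so the code stays in the address bar, server logs and possibly Referer headers after it has been consumed; a redirect to the same path without the parameter after `clear_reset_code!` would limit that exposure. No age check is made on the code here either, which depends on the model recording an issue time. A doc comment on the method should state that the code is single-use and that a blank value is never looked up.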
@@ -0,0 +1,9 @@
+class AddPasswordResetCode < ActiveRecord::Migration
+ def self.up
+ add_column :site_users, :reset_code, :string
+ end
+
+ def self.down
+ remove_column :site_users, :reset_code
+ end
+end
@@ -32,8 +32,8 @@ Feature: Account
GivenScenario: Receive reset password email
When I follow the link in "Aslak"'s reset password email
And I fill in "newaddr@new.com" for "Email"
- And I fill in "phewphew" for "Password"
- And I fill in "phewphew" for "Password confirmation"
+ And I fill in "phewphew" for "Choose Password"
+ And I fill in "phewphew" for "Confirm Password"
And I press "Save"
Then "Aslak"'s Email should be "newaddr@new.com"
And I should see "Your account has been updated"
@@ -46,7 +46,8 @@
end
if sent.to_s =~ /Follow this link: http:\/\/example.com(.*)$/
- visits $1
+ reset_link = $1
+ visits reset_link
else
raise "Couldn't find a reset link in the mail:\n#{sent}"
end
