Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

86 lines (71 sloc) 2.375 kb
class Clearance::PasswordsController < ApplicationController
unloadable
skip_before_filter :authenticate, :only => [:new, :create, :edit, :update]
before_filter :forbid_missing_token, :only => [:edit, :update]
before_filter :forbid_non_existent_user, :only => [:edit, :update]
filter_parameter_logging :password, :password_confirmation
def new
render :template => 'passwords/new'
end
def create
if user = ::User.find_by_email(params[:password][:email])
user.forgot_password!
::ClearanceMailer.change_password(user).deliver
flash_notice_after_create
redirect_to(url_after_create)
else
flash_failure_after_create
render :template => 'passwords/new'
end
end
def edit
@user = ::User.find_by_id_and_confirmation_token(
params[:user_id], params[:token])
render :template => 'passwords/edit'
end
def update
@user = ::User.find_by_id_and_confirmation_token(
params[:user_id], params[:token])
if @user.update_password(params[:user][:password],
params[:user][:password_confirmation])
@user.confirm_email!
sign_in(@user)
flash_success_after_update
redirect_to(url_after_update)
else
render :template => 'passwords/edit'
end
end
private
def forbid_missing_token
if params[:token].blank?
raise ActionController::Forbidden, "missing token"
end
end
def forbid_non_existent_user
unless ::User.find_by_id_and_confirmation_token(
params[:user_id], params[:token])
raise ActionController::Forbidden, "non-existent user"
end
end
def flash_notice_after_create
flash[:notice] = translate(:deliver_change_password,
:scope => [:clearance, :controllers, :passwords],
:default => "You will receive an email within the next few minutes. " <<
"It contains instructions for changing your password.")
end
def flash_failure_after_create
flash.now[:failure] = translate(:unknown_email,
:scope => [:clearance, :controllers, :passwords],
:default => "Unknown email.")
end
def url_after_create
sign_in_url
end
def flash_success_after_update
flash[:success] = translate(:signed_in, :default => "Signed in.")
end
def url_after_update
'/'
end
end
Jump to Line
Something went wrong with that request. Please try again.