app/controllers/passwords_controller.rb

   1 class PasswordsController < ApplicationController
   2   include SessionMethods
   3
   4   layout "site"
   5
   6   before_action :authorize_web
   7   before_action :set_locale
   8   before_action :check_database_readable
   9
  10   authorize_resource :class => false
  11
  12   before_action :check_database_writable
  13
  14   def new
  15     @title = t ".title"
  16   end
  17
  18   def edit
  19     @title = t ".title"
  20
  21     if params[:token]
  22       token = UserToken.find_by(:token => params[:token])
  23
  24       if token
  25         self.current_user = token.user
  26       else
  27         flash[:error] = t ".flash token bad"
  28         redirect_to :action => "new"
  29       end
  30     else
  31       head :bad_request
  32     end
  33   end
  34
  35   def create
  36     user = User.visible.find_by(:email => params[:email])
  37
  38     if user.nil?
  39       users = User.visible.where("LOWER(email) = LOWER(?)", params[:email])
  40
  41       user = users.first if users.count == 1
  42     end
  43
  44     if user
  45       token = user.tokens.create
  46       UserMailer.lost_password(user, token).deliver_later
  47       flash[:notice] = t ".notice email on way"
  48       redirect_to login_path
  49     else
  50       flash.now[:error] = t ".notice email cannot find"
  51       render :new
  52     end
  53   end
  54
  55   def update
  56     if params[:token]
  57       token = UserToken.find_by(:token => params[:token])
  58
  59       if token
  60         self.current_user = token.user
  61
  62         if params[:user]
  63           current_user.pass_crypt = params[:user][:pass_crypt]
  64           current_user.pass_crypt_confirmation = params[:user][:pass_crypt_confirmation]
  65           current_user.activate if current_user.may_activate?
  66           current_user.email_valid = true
  67
  68           if current_user.save
  69             token.destroy
  70             session[:fingerprint] = current_user.fingerprint
  71             flash[:notice] = t ".flash changed"
  72             successful_login(current_user)
  73           else
  74             render :edit
  75           end
  76         end
  77       else
  78         flash[:error] = t ".flash token bad"
  79         redirect_to :action => "new"
  80       end
  81     else
  82       head :bad_request
  83     end
  84   end
  85 end