Redstoner/redstoner.com
Archived
0
Fork 0
Code Issues Pull Requests 2 Wiki Activity

add password reset

Browse Source
This commit is contained in:
jomo
2014-06-17 23:35:56 +02:00
parent bf3eab3cd4
commit 15d04585e6
4 changed files with 60 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
app/controllers/users_controller.rb
View File

@@ -91,6 +91,7 @@ class UsersController < ApplicationController
@user.ign = user_profile["name"] # correct case
if validate_token(@user.uuid, @user.email, params[:registration_token])
destroy_token(@user.email, params[:registration_token]) # tokens can be used to reset password
@user.last_ip = request.remote_ip # showing in mail
if @user.save
session[:user_id] = @user.id
@@ -265,7 +266,31 @@ class UsersController < ApplicationController
end
end
def lost_password
if current_user
flash[:notice] = "You're already logged in!"
redirect_to current_user
end
end
def reset_password
user = User.find_by_email(params[:email])
if user && validate_token(user.uuid, user.email, params[:secret_token])
destroy_token(user.email, params[:secret_token]) # tokens can be used to reset password
user.password = params[:new_password]
user.password_confirmation = params[:new_password]
if user.save
flash[:notice] = "Password reset"
redirect_to login_path
else
flash[:alert] = "Failed to update password"
render action: "lost_password"
end
else
flash[:alert] = "Token or Email adress invalid!"
render action: "lost_password"
end
end
private
@@ -274,6 +299,11 @@ class UsersController < ApplicationController
user_token && user_token.token == token
end
def destroy_token(email, token)
user_token = RegisterToken.where(token: token, email: email).first
user_token && user_token.destroy
end
def user_params(add = [])
a = [:ign, :email, :password, :password_confirmation, :mail_own_thread_reply, :mail_other_thread_reply, :mail_own_blogpost_comment, :mail_other_blogpost_comment, :mail_mention] + add
params.require(:user).permit(a)

4
app/views/sessions/new.html.erb
View File

@@ -10,6 +10,10 @@
<td><%= label_tag :password %></td>
<td><%= password_field_tag :password, nil, placeholder: "******" %></td>
</tr>
<tr>
<td></td>
<td><%= link_to "Lost your password?", lost_password_users_path %></td>
</tr>
</table>
<p><%= submit_tag "Log in", class: "btn blue" %></p>
<% end %>

22
app/views/users/lost_password.html.erb Normal file
View File

@@ -0,0 +1,22 @@
<% title "Reset password" %>
<h1>Reset password</h1>
<p>You lost your password? Don't do that!</p>
<p>Luckily for you, you can reset your password. Please use the command <code>/tokengen &lt;your email adress&gt;</code>, then fill in the form below:</p>
<%= form_tag reset_password_users_path do |f| %>
<table>
<tr>
<td><%= label_tag :email %></td>
<td><%= text_field_tag :email, nil, placeholder: "steve@example.com", required: true, pattern: ".+@.+", title: "enter valid email adress", "x-moz-errormessage" => "enter valid email adress" %></td>
</tr>
<tr>
<td><%= label_tag :secret_token %></td>
<td><%= text_field_tag :secret_token, nil, placeholder: "abcdef", required: true, pattern: "[a-z]{6}", title: "6 character token", "x-moz-errormessage" => "6 character token" %></td>
</tr>
<tr>
<td><%= label_tag :new_password %></td>
<td><%= password_field_tag :new_password, nil, placeholder: "secret", required: true, pattern: ".{8,}", title: "minimum 8 characters", "x-moz-errormessage" => "minimum 8 characters" %></td>
</tr>
</table>
<p><%= submit_tag "Reset password", class: "btn blue" %></p>
<% end %>

4
config/routes.rb
View File

@@ -20,6 +20,10 @@ Redstoner::Application.routes.draw do
get 'edit_notifications'
put 'update_login'
end
collection do
get 'lost_password'
post 'reset_password'
end
end
resources :forumgroups, path: '/forums/groups'