initial after migration

author: Matthew Lemon <y@yulqen.org> 2024-11-11 16:19:44 +0000
committer: Matthew Lemon <y@yulqen.org> 2024-11-11 16:19:44 +0000
commit: 97201e0bca203b6b303789374ffd7e4228e062a7 (patch)
tree: 1d70b0c499c514ceccd906b6b6e85dcbacbd3f45 /app/controllers/passwords_controller.rb
1 files changed, 33 insertions, 0 deletions
diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb
new file mode 100644
index 0000000..0c4b4a8
--- /dev/null
+++ b/app/controllers/passwords_controller.rb
@@ -0,0 +1,33 @@
+class PasswordsController < ApplicationController
+  allow_unauthenticated_access
+  before_action :set_user_by_token, only: %i[ edit update ]
+
+  def new
+  end
+
+  def create
+    if user = User.find_by(email_address: params[:email_address])
+      PasswordsMailer.reset(user).deliver_later
+    end
+
+    redirect_to new_session_path, notice: "Password reset instructions sent (if user with that email address exists)."
+  end
+
+  def edit
+  end
+
+  def update
+    if @user.update(params.permit(:password, :password_confirmation))
+      redirect_to new_session_path, notice: "Password has been reset."
+    else
+      redirect_to edit_password_path(params[:token]), alert: "Passwords did not match."
+    end
+  end
+
+  private
+    def set_user_by_token
+      @user = User.find_by_password_reset_token!(params[:token])
+    rescue ActiveSupport::MessageVerifier::InvalidSignature
+      redirect_to new_password_path, alert: "Password reset link is invalid or has expired."
+    end
+end
author	Matthew Lemon <y@yulqen.org>	2024-11-11 16:19:44 +0000
committer	Matthew Lemon <y@yulqen.org>	2024-11-11 16:19:44 +0000
commit	97201e0bca203b6b303789374ffd7e4228e062a7 (patch)
tree	1d70b0c499c514ceccd906b6b6e85dcbacbd3f45 /app/controllers/passwords_controller.rb