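# Implements the "lost password" flow: requesting a reset e-mail (new/create)
# and choosing a new password with the e-mailed token (edit/update).
#
# The reset token is the only credential checked by edit/update, and every
# value read from params is request-supplied, so params[:token],
# params[:email] and params[:user] are all treated as untrusted input.
class PasswordsController < ApplicationController
  include SessionMethods

  layout "site"

  before_action :authorize_web
  before_action :set_locale
  before_action :check_database_readable

  authorize_resource :class => false

  before_action :check_database_writable

  # Shows the form that asks for the account's e-mail address.
  def new
    @title = t ".title"
  end

  # Shows the "choose a new password" form for the token in params[:token].
  #
  # Responds 400 when the token is missing or is not a single string, and
  # redirects to the request form when no UserToken matches it.
  def edit
    @title = t ".title"

    # Bracketed request parameters are parsed into an Array or nested hash,
    # and find_by would turn an Array into an IN (...) lookup. Only a single
    # string value is a well-formed token.
    return head :bad_request unless params[:token].is_a?(String)

    # NOTE(review): nothing visible here checks the token's age or what it
    # was issued for - confirm expiry and scoping are enforced elsewhere.
    token = UserToken.find_by(:token => params[:token])

    if token
      self.current_user = token.user
    else
      flash[:error] = t ".flash token bad"
      redirect_to :action => "new"
    end
  end

  # Issues a reset token and queues the reset e-mail for the visible user
  # whose address is params[:email].
  #
  # An exact match is tried first; failing that, a case-insensitive match is
  # accepted only when it identifies exactly one user.
  def create
    # A non-string value (for example an Array) is handled like a missing
    # parameter instead of being interpolated into the queries below.
    email = params[:email] if params[:email].is_a?(String)

    user = User.visible.find_by(:email => email)

    if user.nil?
      candidates = User.visible.where("LOWER(email) = LOWER(?)", email)

      user = candidates.first if candidates.count == 1
    end

    if user
      token = user.tokens.create
      UserMailer.lost_password(user, token).deliver_later
      flash[:notice] = t ".notice email on way"
      redirect_to login_path
    else
      # NOTE(review): this branch responds differently from the success
      # branch, so the reply discloses whether an address belongs to an
      # account. Consider one neutral response for both outcomes, and
      # confirm this endpoint is rate limited.
      flash.now[:error] = t ".notice email cannot find"
      render :new
    end
  end

  # Sets a new password for the user identified by params[:token], then logs
  # that user in.
  #
  # Responds 400 when the token is missing or is not a single string,
  # redirects to the request form when no UserToken matches, and re-renders
  # the edit form when the new password fails to save.
  def update
    # Same well-formedness rule as in #edit: one string, nothing else.
    return head :bad_request unless params[:token].is_a?(String)

    # NOTE(review): as in #edit, no expiry or purpose check is visible here.
    token = UserToken.find_by(:token => params[:token])

    unless token
      flash[:error] = t ".flash token bad"
      redirect_to :action => "new"
      return
    end

    self.current_user = token.user

    # params[:user] has to be a nested parameter hash. A scalar value would
    # raise on the [:pass_crypt] lookup, so it is handled like a missing one.
    return unless params[:user].is_a?(ActionController::Parameters)

    current_user.pass_crypt = params[:user][:pass_crypt]
    current_user.pass_crypt_confirmation = params[:user][:pass_crypt_confirmation]
    # Presumably holding the e-mailed token is taken as proof of control of
    # the mailbox, hence the activation and email_valid flag - TODO confirm.
    current_user.activate if current_user.may_activate?
    current_user.email_valid = true

    if current_user.save
      # The token is destroyed only after a successful save, so a failed
      # attempt can be retried with it and a used one cannot be replayed.
      # NOTE(review): other outstanding tokens of this user are not touched
      # here - confirm whether they should be invalidated as well.
      token.destroy
      session[:fingerprint] = current_user.fingerprint
      flash[:notice] = t ".flash changed"
      successful_login(current_user)
    else
      render :edit
    end
  end
end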