1 class PasswordsController < ApplicationController
6 before_action :authorize_web
7 before_action :set_locale
8 before_action :check_database_readable
10 authorize_resource :class => false
12 before_action :check_database_writable, :only => [:lost_password, :reset_password]
15 @title = t "passwords.lost_password.title"
18 user = User.visible.find_by(:email => params[:email])
21 users = User.visible.where("LOWER(email) = LOWER(?)", params[:email])
23 user = users.first if users.count == 1
27 token = user.tokens.create
28 UserMailer.lost_password(user, token).deliver_later
29 flash[:notice] = t "passwords.lost_password.notice email on way"
30 redirect_to login_path
32 flash.now[:error] = t "passwords.lost_password.notice email cannot find"
38 @title = t "passwords.reset_password.title"
41 token = UserToken.find_by(:token => params[:token])
44 self.current_user = token.user
47 current_user.pass_crypt = params[:user][:pass_crypt]
48 current_user.pass_crypt_confirmation = params[:user][:pass_crypt_confirmation]
49 current_user.activate if current_user.may_activate?
50 current_user.email_valid = true
54 session[:fingerprint] = current_user.fingerprint
55 flash[:notice] = t "passwords.reset_password.flash changed"
56 successful_login(current_user)
60 flash[:error] = t "passwords.reset_password.flash token bad"
61 redirect_to :action => "lost_password"