1 class PasswordsController < ApplicationController
6 before_action :authorize_web
7 before_action :set_locale
8 before_action :check_database_readable
10 authorize_resource :class => false
12 before_action :check_database_writable
22 self.current_user = User.find_by_token_for(:password_reset, params[:token]) ||
23 UserToken.unexpired.find_by(:token => params[:token])&.user
26 flash[:error] = t ".flash token bad"
27 redirect_to :action => "new"
35 user = User.visible.find_by(:email => params[:email])
38 users = User.visible.where("LOWER(email) = LOWER(?)", params[:email])
40 user = users.first if users.count == 1
44 token = user.generate_token_for(:password_reset)
45 UserMailer.lost_password(user, token).deliver_later
46 flash[:notice] = t ".notice email on way"
47 redirect_to login_path
49 flash.now[:error] = t ".notice email cannot find"
56 self.current_user = User.find_by_token_for(:password_reset, params[:token]) ||
57 UserToken.unexpired.find_by(:token => params[:token])&.user
61 current_user.pass_crypt = params[:user][:pass_crypt]
62 current_user.pass_crypt_confirmation = params[:user][:pass_crypt_confirmation]
63 current_user.activate if current_user.may_activate?
64 current_user.email_valid = true
67 UserToken.delete_by(:token => params[:token])
68 session[:fingerprint] = current_user.fingerprint
69 flash[:notice] = t ".flash changed"
70 successful_login(current_user)
76 flash[:error] = t ".flash token bad"
77 redirect_to :action => "new"