X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/446837c3511bf76f11b0d1e6d5a3ff79b69b0d70..7406ae5dcc9cbb177a8ea33085af9caf6e3ebb1b:/app/controllers/passwords_controller.rb?ds=sidebyside diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb index 502b1357f..87d25df68 100644 --- a/app/controllers/passwords_controller.rb +++ b/app/controllers/passwords_controller.rb @@ -9,34 +9,50 @@ class PasswordsController < ApplicationController authorize_resource :class => false - before_action :check_database_writable, :only => [:lost_password, :reset_password] + before_action :check_database_writable - def lost_password - @title = t "passwords.lost_password.title" - - if request.post? - user = User.visible.find_by(:email => params[:email]) + def new + @title = t ".title" + end - if user.nil? - users = User.visible.where("LOWER(email) = LOWER(?)", params[:email]) + def edit + @title = t ".title" - user = users.first if users.count == 1 - end + if params[:token] + token = UserToken.find_by(:token => params[:token]) - if user - token = user.tokens.create - UserMailer.lost_password(user, token).deliver_later - flash[:notice] = t "passwords.lost_password.notice email on way" - redirect_to login_path + if token + self.current_user = token.user else - flash.now[:error] = t "passwords.lost_password.notice email cannot find" + flash[:error] = t ".flash token bad" + redirect_to :action => "new" end + else + head :bad_request end end - def reset_password - @title = t "passwords.reset_password.title" + def create + user = User.visible.find_by(:email => params[:email]) + + if user.nil? + users = User.visible.where("LOWER(email) = LOWER(?)", params[:email]) + + user = users.first if users.count == 1 + end + + if user + token = user.tokens.create + UserMailer.lost_password(user, token).deliver_later + flash[:notice] = t ".notice email on way" + redirect_to login_path + else + flash.now[:error] = t ".notice email cannot find" + render :new + end + end + def update if params[:token] token = UserToken.find_by(:token => params[:token]) @@ -52,13 +68,15 @@ class PasswordsController < ApplicationController if current_user.save token.destroy session[:fingerprint] = current_user.fingerprint - flash[:notice] = t "passwords.reset_password.flash changed" + flash[:notice] = t ".flash changed" successful_login(current_user) + else + render :edit end end else - flash[:error] = t "passwords.reset_password.flash token bad" - redirect_to :action => "lost_password" + flash[:error] = t ".flash token bad" + redirect_to :action => "new" end else head :bad_request