X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/dc28f1dccc5589afa667bf6959f12e6b18589459..7406ae5dcc9cbb177a8ea33085af9caf6e3ebb1b:/app/controllers/passwords_controller.rb diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb index 08df9f7a4..87d25df68 100644 --- a/app/controllers/passwords_controller.rb +++ b/app/controllers/passwords_controller.rb @@ -9,34 +9,50 @@ class PasswordsController < ApplicationController authorize_resource :class => false - before_action :check_database_writable, :only => [:lost_password, :reset_password] + before_action :check_database_writable - def lost_password + def new @title = t ".title" + end - if request.post? - user = User.visible.find_by(:email => params[:email]) - - if user.nil? - users = User.visible.where("LOWER(email) = LOWER(?)", params[:email]) + def edit + @title = t ".title" - user = users.first if users.count == 1 - end + if params[:token] + token = UserToken.find_by(:token => params[:token]) - if user - token = user.tokens.create - UserMailer.lost_password(user, token).deliver_later - flash[:notice] = t ".notice email on way" - redirect_to login_path + if token + self.current_user = token.user else - flash.now[:error] = t ".notice email cannot find" + flash[:error] = t ".flash token bad" + redirect_to :action => "new" end + else + head :bad_request end end - def reset_password - @title = t ".title" + def create + user = User.visible.find_by(:email => params[:email]) + + if user.nil? + users = User.visible.where("LOWER(email) = LOWER(?)", params[:email]) + + user = users.first if users.count == 1 + end + + if user + token = user.tokens.create + UserMailer.lost_password(user, token).deliver_later + flash[:notice] = t ".notice email on way" + redirect_to login_path + else + flash.now[:error] = t ".notice email cannot find" + render :new + end + end + def update if params[:token] token = UserToken.find_by(:token => params[:token]) @@ -54,11 +70,13 @@ class PasswordsController < ApplicationController session[:fingerprint] = current_user.fingerprint flash[:notice] = t ".flash changed" successful_login(current_user) + else + render :edit end end else flash[:error] = t ".flash token bad" - redirect_to :action => "lost_password" + redirect_to :action => "new" end else head :bad_request