- # my model
- ##################################
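# Account model. Authentication (password hashing, perishable tokens) comes
# from Authlogic via acts_as_authentic.
class User < ActiveRecord::Base
  acts_as_authentic

  # Virtual attribute holding the current password typed by a logged-in user.
  attr_accessor :old_password

  validate :old_password_is_correct,
           :on => :update,
           :if => :old_password_required?

  # Issues a fresh perishable token and mails the reset link built from it.
  def deliver_password_reset_instructions!
    reset_perishable_token!
    UserNotifier.deliver_password_reset_instructions(self)
  end

  # True when this update must be backed by the current password:
  # any email change, or a password change that was not authorised by a
  # verified perishable token.
  def old_password_required?
    return true if email_changed?
    password_changed? && !perishable_token_submitted?
  end

  # Records that server-side code has already matched a perishable token to
  # this record (the controller does this after find_using_perishable_token).
  # Deliberately not an attribute writer: there is no `...=` method, so the
  # flag cannot be set from request parameters through mass assignment.
  def mark_perishable_token_verified
    @perishable_token_verified = true
  end

  # Answers the question the original stub left open. It fails closed: unless
  # mark_perishable_token_verified was called on this instance, the old
  # password is still required.
  def perishable_token_submitted?
    @perishable_token_verified == true
  end

  # Validation: compares old_password with the credentials stored in the
  # database. The record is re-read because `self` already carries the new
  # crypted password at this point.
  def old_password_is_correct
    stored_user = User.find_by_id(id)
    if stored_user.nil?
      errors.add_to_base("User could not be found by id")
    elsif !stored_user.valid_password?(old_password)
      errors.add("old_password", "is not correct")
    end
  end

  def password_changed?
    changes["crypted_password"] ? true : false
  end

  def email_changed?
    changes["email"] ? true : false
  end
end

# my controller
##################################
class User::PasswordController < ApplicationController
  before_filter :require_no_user, :only => [:new, :create]

  # form to have new password link emailed
  def new
    @user = User.new
  end

  # form to change password, includes old password field or hidden token field
  def edit
    load_user_by_perishable_token_or_current
  end

  # email out password reset link
  #
  # The response is the same whether or not the address belongs to an
  # account, so this form cannot be used to find out which emails are
  # registered. A blank or missing address never reaches find_by_email.
  def create
    email = submitted_user_params[:email]
    user = email.blank? ? nil : User.find_by_email(email.to_s)
    user.deliver_password_reset_instructions! if user
    flash[:notice] = "If an account exists for that email address, instructions to reset your password have been emailed to it."
    redirect_to root_path
  end

  # update password, requires old password or token in validations
  def update
    # Stop here when no user could be loaded: the loader has already
    # redirected, and @user would be nil below.
    return unless load_user_by_perishable_token_or_current

    fields = submitted_user_params
    @user.old_password = fields[:old_password]
    @user.password = fields[:password]
    @user.password_confirmation = fields[:password_confirmation]
    # NOTE(review): Authlogic's default perishable-token maintenance issues a
    # new token on save, which makes the emailed link single-use. Confirm
    # that maintenance has not been disabled for this model.
    if @user.save
      flash[:notice] = "Password successfully updated"
      redirect_to user_account_path
    else
      render :action => :edit
    end
  end

  private

  # The nested user[...] parameters, or an empty hash when the request did
  # not send them as a hash (missing, or sent as a plain string).
  def submitted_user_params
    params[:user].is_a?(Hash) ? params[:user] : {}
  end

  # Sets @user to the logged-in user or, failing that, to the user matching a
  # perishable token from the URL or the hidden form field. A logged-in
  # session always wins, so a token cannot waive the old-password check for
  # someone who is already signed in.
  #
  # Returns the user, or false after redirecting when none was found.
  def load_user_by_perishable_token_or_current
    @user = current_user
    return @user if @user

    [params[:token], submitted_user_params[:perishable_token]].each do |token|
      next if token.blank?
      @user = User.find_using_perishable_token(token.to_s)
      break if @user
    end

    if @user
      # The token was matched server-side, so the model may skip the
      # old-password validation for this password change.
      @user.mark_perishable_token_verified
      return @user
    end

    flash[:notice] = "Could not find user, please check your token or create a new one"
    redirect_to root_path
    false
  end
end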
- # my edit view
- ##################################
-# Password change form, shared by logged-in users and reset-link visitors.
%h1 Change your password
- form_for @user, :url => user_password_path do |f|
  %p
    = f.error_messages
  - if current_user # logged in, changing password with old password
    %p
      = f.label :old_password, "Old Password"
      = f.password_field :old_password
  - else # not logged in, changing password with perishable token
    -# The token is submitted as user[perishable_token] in the form body; the form URL itself carries no token.
    = f.hidden_field :perishable_token
  %p
    = f.label :password, "New Password"
    = f.password_field :password
  %p
    = f.label :password_confirmation
    = f.password_field :password_confirmation
  %p
    = f.submit "Update"