84 lines
2.7 KiB
84 lines
2.7 KiB
class Auth::PasswordsController < Devise::PasswordsController |
|
include Helpers::Email |
|
|
|
def reset_confirmation |
|
self.resource = resource_class.new |
|
@email = params["email"] |
|
if @email.empty? |
|
resource.errors.add :email, I18n.t("validations.email.blank") |
|
render "devise/passwords/new", status: :unprocessable_entity |
|
elsif !email_valid?(@email) |
|
resource.errors.add :email, I18n.t("validations.email.invalid") |
|
render "devise/passwords/new", status: :unprocessable_entity |
|
else |
|
render "devise/passwords/reset_resend_confirmation" |
|
end |
|
end |
|
|
|
def create |
|
self.resource = resource_class.send_reset_password_instructions(resource_params) |
|
yield resource if block_given? |
|
|
|
@minimum_password_length = Devise.password_length.min |
|
respond_with({}, location: after_sending_reset_password_instructions_path_for(resource_name)) |
|
end |
|
|
|
def edit |
|
super |
|
@minimum_password_length = Devise.password_length.min |
|
@confirmation = params["confirmation"] |
|
render "devise/passwords/reset_password" |
|
end |
|
|
|
def update |
|
self.resource = resource_class.reset_password_by_token(resource_params) |
|
yield resource if block_given? |
|
|
|
if resource.errors.empty? |
|
resource.unlock_access! if unlockable?(resource) |
|
if Devise.sign_in_after_reset_password |
|
set_flash_message!(:notice, password_update_flash_message) |
|
resource.after_database_authentication |
|
sign_in(resource_name, resource) |
|
set_2fa_required |
|
else |
|
set_flash_message!(:notice, :updated_not_active) |
|
end |
|
respond_with resource, location: after_resetting_password_path_for(resource) |
|
else |
|
@minimum_password_length = Devise.password_length.min |
|
@confirmation = resource_params["confirmation"] |
|
render "devise/passwords/reset_password", status: :unprocessable_entity |
|
end |
|
end |
|
|
|
protected |
|
|
|
def set_2fa_required |
|
return unless resource.respond_to?(:need_two_factor_authentication?) && |
|
resource.need_two_factor_authentication?(request) |
|
|
|
warden.session(resource_class.name.underscore)[DeviseTwoFactorAuthentication::NEED_AUTHENTICATION] = true |
|
end |
|
|
|
def password_update_flash_message |
|
resource.need_two_factor_authentication?(request) ? :updated_2FA : :updated |
|
end |
|
|
|
def after_sending_reset_password_instructions_path_for(_resource) |
|
account_password_reset_confirmation_path(email: params.dig("user", "email")) |
|
end |
|
|
|
def after_resetting_password_path_for(resource) |
|
if Devise.sign_in_after_reset_password |
|
if resource.need_two_factor_authentication?(request) |
|
resource.send_new_otp |
|
send("#{resource_name}_two_factor_authentication_path") |
|
else |
|
after_sign_in_path_for(resource) |
|
end |
|
else |
|
new_session_path(resource_name) |
|
end |
|
end |
|
end
|
|
|