From fae9b57df3fa766c3dd19f8d99ec7ef5a6cd12ec Mon Sep 17 00:00:00 2001
From: Martin Edenhofer
Date: Mon, 23 Apr 2012 18:59:35 +0200
Subject: [PATCH] Improved password reset feature.

---
 .../app/controllers/reset_password.js.coffee | 100 ++++++++++++++----
 .../app/views/generic/hero_message.jst.eco | 8 ++
 .../app/views/reset_password_change.jst.eco | 11 ++
 app/controllers/users_controller.rb | 7 +-
 app/models/user.rb | 1 -
 5 files changed, 101 insertions(+), 26 deletions(-)
 create mode 100644 app/assets/javascripts/app/views/generic/hero_message.jst.eco
 create mode 100644 app/assets/javascripts/app/views/reset_password_change.jst.eco

diff --git a/app/assets/javascripts/app/controllers/reset_password.js.coffee b/app/assets/javascripts/app/controllers/reset_password.js.coffee
index 9523a9dbd..aec66bdf8 100644
--- a/app/assets/javascripts/app/controllers/reset_password.js.coffee
+++ b/app/assets/javascripts/app/controllers/reset_password.js.coffee
@@ -6,7 +6,6 @@ class Index extends App.Controller
 events:
 'submit form': 'submit',
 'click .submit': 'submit',
- 'click .cancel': 'cancel',
 
 constructor: ->
 super
@@ -18,7 +17,6 @@ class Index extends App.Controller
 @render()
 
 render: ->
-
 configure_attributes = [
 { name: 'username', display: 'Enter your username or email address:', tag: 'input', type: 'text', limit: 100, null: false, class: 'input span4', },
 ]
@@ -27,11 +25,7 @@ class Index extends App.Controller
 form: @formGen( model: { configure_attributes: configure_attributes } ),
 )
 
- cancel: ->
- @navigate 'login'
-
 submit: (e) ->
- @log 'submit'
 e.preventDefault()
 params = @formParam(e.target)
 
@@ -46,22 +40,82 @@ class Index extends App.Controller
 )
 
 success: (data, status, xhr) =>
-
- @html App.view('reset_password_sent')()
-
- error: (xhr, statusText, error) =>
-
- # add notify
- Spine.trigger 'notify:removeall'
- Spine.trigger 'notify', {
- type: 'warning',
- msg: 'Wrong Username and Password combination.',
- }
-
- # rerender login page
- @render(
- msg: 'Wrong Username and Password combination.',
- username: @username
- )
+ @html App.view('generic/hero_message')(
+ head: 'We\'ve sent password reset instructions to your email address',
+ message: 'If you don\'t receive instructions within a minute or two, check your email\'s spam and junk filters, or try resending your request.'
+ );
 
 Config.Routes['reset_password'] = Index
+
+
+class Verify extends App.Controller
+ className: 'container'
+
+ events:
+ 'submit form': 'submit',
+ 'click .submit': 'submit',
+
+ constructor: ->
+ super
+
+ # set title
+ @title 'Reset Password'
+ @navupdate '#reset_password_verify'
+
+ # get data
+ ajax = new App.Ajax
+ params = {}
+ params['token'] = @token
+ ajax.ajax(
+ type: 'POST',
+ url: '/users/password_reset_verify',
+ data: JSON.stringify(params),
+ processData: true,
+ success: @render_success
+ error: @render_failed
+ )
+
+ render_success: ->
+ configure_attributes = [
+ { name: 'password', display: 'Password', tag: 'input', type: 'password', limit: 100, null: false, class: 'input span4', },
+ ]
+
+ @html App.view('reset_password_change')(
+ form: @formGen( model: { configure_attributes: configure_attributes } ),
+ )
+
+ render_failed: ->
+ @html App.view('generic/hero_message')(
+ head: 'Failed!',
+ message: 'Token is not valid!'
+ );
+
+ submit: (e) ->
+ e.preventDefault()
+ params = @formParam(e.target)
+ params['token'] = @token
+
+ # get data
+ ajax = new App.Ajax
+ ajax.ajax(
+ type: 'POST',
+ url: '/users/password_reset_verify',
+ data: JSON.stringify(params),
+ processData: true,
+ success: @render_changed_success
+ error: @render_changed_failed
+ )
+
+ render_changed_success: (data, status, xhr) =>
+ @html App.view('generic/hero_message')(
+ head: 'Woo hoo! Your password has been changed!',
+ message: 'Please try to login!',
+ );
+
+ render_changed_failed: ->
+ @html App.view('generic/hero_message')(
+ head: 'Failed!',
+ message: 'Ask your admin!',
+ );
+
+Config.Routes['reset_password_verify/:token'] = Verify
diff --git a/app/assets/javascripts/app/views/generic/hero_message.jst.eco b/app/assets/javascripts/app/views/generic/hero_message.jst.eco
new file mode 100644
index 000000000..b88b51ec0
--- /dev/null
+++ b/app/assets/javascripts/app/views/generic/hero_message.jst.eco
@@ -0,0 +1,8 @@
+
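Review bot: `render_success`, `render_failed` and `render_changed_failed` in the new `Verify` class are declared with `->` but passed to `ajax.ajax` as bare references (`success: @render_success`, `error: @render_failed`, `error: @render_changed_failed`), so unless `App.Ajax` sets the callback context they run without the controller as `this` and `@html` / `@formGen` will not resolve; `render_changed_success` already uses `=>`, and the other three should as well, e.g. `render_failed: =>`. As written, an invalid or expired token may leave the page blank instead of showing 'Token is not valid!'. Separately, the request form now shows the neutral "We've sent password reset instructions" text only on a success response and its `error` handler is removed; if the server still answers differently for an unknown username, the endpoint reveals which accounts exist, so the response for `password_reset_send` should be the same in both cases.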
+

<%= @head %> <%= @head_small %>

+
+

+ <%- @message %> +

+
+
+
diff --git a/app/assets/javascripts/app/views/reset_password_change.jst.eco b/app/assets/javascripts/app/views/reset_password_change.jst.eco
new file mode 100644
index 000000000..1917928d4
--- /dev/null
+++ b/app/assets/javascripts/app/views/reset_password_change.jst.eco
@@ -0,0 +1,11 @@
+
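Review bot: In `generic/hero_message.jst.eco` the body is printed with `<%- @message %>`, which in Eco emits the value without HTML escaping, while `@head` goes through the escaping `<%= %>` form. Every caller in this commit passes a fixed string, so nothing is injectable today, but a view named "generic" will be reused, and the first caller that passes a server error or user-supplied text makes it an HTML injection sink. I would use `<%= @message %>` here and keep the raw form for views whose input is known to be markup, as `reset_password_change.jst.eco` does for `@form`. The markup of this hunk is not fully visible in this rendering, so the point rests on the two template expressions alone.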
+

Choose your new password.

+
+
+

+ <%- @form %> +

+ +
+
+
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 712934abc..6224e48a3 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -101,7 +101,6 @@ class UsersController < ApplicationController
 
 # POST /users/reset_password
 def password_reset_send
- puts params.inspect
 success = User.password_reset_send( params[:username] )
 if success
 render :json => { :message => 'ok' }, :status => :ok
@@ -112,7 +111,11 @@ class UsersController < ApplicationController
 
 # get /users/verify_password/:hash
 def password_reset_verify
- success = User.password_reset_verify( params[:hash] )
+ if params[:password]
+ success = User.password_reset_via_token( params[:token], params[:password] )
+ else
+ success = User.password_reset_check( params[:token] )
+ end
 if success
 render :json => { :message => 'ok' }, :status => :ok
 else
diff --git a/app/models/user.rb b/app/models/user.rb
index 3fb2545a4..dba28de25 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -63,7 +63,6 @@ class User < ApplicationModel
 end
 
 def self.password_reset_send(username)
-puts '2'+username.inspect
 return if !username || username == ''
 
 # try to find user based on login
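Review bot: In `password_reset_verify` the branch `if params[:password]` treats any present value as a new password, and an empty string is truthy in Ruby, so a blank `password` is passed to `User.password_reset_via_token` together with a valid token; whether the model rejects it is not visible in this hunk. I would reject a present-but-blank value before the branch (a guard on `params.key?(:password) && params[:password].blank?` that falls through to the existing failure response), or confirm that `password_reset_via_token` enforces the password policy and consumes the token on success. The comment `# get /users/verify_password/:hash` is now stale, since the client POSTs a `token` to `/users/password_reset_verify`; something like `# POST /users/password_reset_verify (token check, or token + password to change it)` would match the code. Because the token works as a credential until it is used, it is also worth checking that `:token` is listed in `config.filter_parameters` so it stays out of the request log. The method body continues past the end of this hunk.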