Added auto login after password reset.

2013-01-03 13:00:55 +01:00 · 2013-01-03 13:00:55 +01:00 · ffa6259099
commit ffa6259099
parent 03053e7727
4 changed files with 44 additions and 16 deletions
--- a/app/assets/javascripts/app/controllers/reset_password.js.coffee
+++ b/app/assets/javascripts/app/controllers/reset_password.js.coffee
@ -113,6 +113,7 @@ class Verify extends App.Controller
    e.preventDefault()
    params = @formParam(e.target)
    params['token'] = @token
+    @password = params['password']

    # get data
    App.Com.ajax(
@ -126,6 +127,35 @@ class Verify extends App.Controller
    )

  render_changed_success: (data, status, xhr) =>
+    App.Auth.login(
+      data:
+        username: data.user_login
+        password: @password
+      success: =>
+
+        # login check
+        App.Auth.loginCheck()
+
+        # add notify
+        App.Event.trigger 'notify:removeall'
+        @notify
+          type: 'success',
+          msg: 'Password reset successfull.'
+
+        # redirect to #
+        @navigate '#'
+
+      error: =>
+
+        # add notify
+        App.Event.trigger 'notify:removeall'
+        @notify
+          type: 'error',
+          msg: 'Something went wrong. Please contact your administrator.'
+    )
+
+
+
    @html App.view('generic/hero_message')(
      head:    'Woo hoo! Your password has been changed!'
      message: 'Please try to login!'
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -341,12 +341,12 @@ curl http://localhost/api/users/password_reset_verify.json -v -u #{login}:#{pass

  def password_reset_verify
    if params[:password]
-      success = User.password_reset_via_token( params[:token], params[:password] )
+      user = User.password_reset_via_token( params[:token], params[:password] )
    else
-      success = User.password_reset_check( params[:token] )
+      user = User.password_reset_check( params[:token] )
    end
-    if success
-      render :json => { :message => 'ok' }, :status => :ok
+    if user
+      render :json => { :message => 'ok', :user_login => user.login }, :status => :ok
    else
      render :json => { :message => 'failed' }, :status => :unprocessable_entity
    end
--- a/app/models/token.rb
+++ b/app/models/token.rb
@ -11,15 +11,15 @@ class Token < ActiveRecord::Base
    
    # check if token is still valid
    if token.created_at < 1.day.ago
-      
+
      # delete token
      token.delete
      token.save
      return
    end
-    
+
    # return token if valid
-    return token
+    return token.user
  end

  private
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -145,24 +145,22 @@ Your #{config.product_name} Team

  # check token
  def self.password_reset_check(token)
-    token = Token.check( :action => 'PasswordReset', :name => token )
-    return if !token
-    return true
+    user = Token.check( :action => 'PasswordReset', :name => token )
+    return user
  end

  def self.password_reset_via_token(token,password)

    # check token
-    token = Token.check( :action => 'PasswordReset', :name => token )
-    return if !token
+    user = Token.check( :action => 'PasswordReset', :name => token )
+    return if !user

    # reset password
-    token.user.update_attributes( :password => password )
+    user.update_attributes( :password => password )

    # delete token
-    token.delete
-    token.save
-    return true
+    Token.where( :action => 'PasswordReset', :name => token ).first.destroy
+    return user
  end

  def self.find_fulldata(user_id)