module Authenticate::Model::PasswordReset

Support 'forgot my password' functionality.

Columns

Methods

Public Class Methods

required_fields(_klass) click to toggle source
# File lib/authenticate/model/password_reset.rb, line 18
def self.required_fields(_klass)
  [:password_reset_token, :password_reset_sent_at, :email]
end

Public Instance Methods

forgot_password!() click to toggle source

Generates a {#password_reset_token} for the user, which allows them to reset their password via an email link.

The user model is saved without validations. Any other changes you made to this user instance will also be persisted, without validation. It is intended to be called on an instance with no changes (`dirty? == false`).

@return [Boolean] Was the save successful?

# File lib/authenticate/model/password_reset.rb, line 50
def forgot_password!
  self.password_reset_token = Authenticate::Token.new
  self.password_reset_sent_at = Time.now.utc
  save validate: false
end
reset_password_period_valid?() click to toggle source

Checks if the reset password token is within the time limit. If the application's reset_password_within is nil, then always return true.

Example:

# reset_password_within = 1.day and reset_password_sent_at = today
reset_password_period_valid?   # returns true
# File lib/authenticate/model/password_reset.rb, line 63
def reset_password_period_valid?
  reset_within = Authenticate.configuration.reset_password_within
  return true if reset_within.nil?
  return true if password_reset_sent_at.nil? && password_reset_token.nil?
  password_reset_sent_at && password_reset_sent_at.utc >= reset_within.ago.utc
end
update_password(new_password) click to toggle source

Sets the user's password to the new value. The new password will be encrypted with the selected encryption scheme (defaults to Bcrypt).

Updating the user password also generates a new session token.

Validations will be run as part of this update. If the user instance is not valid, the password change will not be persisted, and this method will return `false`.

@return [Boolean] Was the save successful?

# File lib/authenticate/model/password_reset.rb, line 32
def update_password(new_password)
  return false unless reset_password_period_valid?
  self.password = new_password
  if valid?
    clear_reset_password_token
    generate_session_token
  end
  save
end

Private Instance Methods

clear_reset_password_token() click to toggle source
# File lib/authenticate/model/password_reset.rb, line 72
def clear_reset_password_token
  self.password_reset_token = nil
  self.password_reset_sent_at = nil
end