foodsoft/app/controllers/login_controller.rb

class LoginController < ApplicationController
  skip_before_action :authenticate # no authentication since this is the login page
  before_action :validate_token, only: %i[new_password update_password]

  # Display the form to enter an email address requesting a token to set a new password.
  def forgot_password
    @user = User.new
  end

  # Sends an email to a user with the token that allows setting a new password through action "password".
  def reset_password
    redirect_to forgot_password_url, alert: I18n.t('errors.general_again') and return if request.get? || params[:user].nil? # Catch for get request and give better error message.

    if (user = User.undeleted.find_by_email(params[:user][:email]))
      user.request_password_reset!
    end
    redirect_to login_url, notice: I18n.t('login.controller.reset_password.notice')
  end

  # Set a new password with a token from the password reminder email.
  # Called with params :id => User.id and :token => User.reset_password_token to specify a new password.
  def new_password; end

  # Sets a new password.
  # Called with params :id => User.id and :token => User.reset_password_token to specify a new password.
  def update_password
    @user.attributes = params[:user]
    if @user.valid?
      @user.reset_password_token = nil
      @user.reset_password_expires = nil
      @user.save
      redirect_to login_url, notice: I18n.t('login.controller.update_password.notice')
    else
      render :new_password
    end
  end

  # For invited users.
  def accept_invitation
    @invite = Invite.find_by_token(params[:token])
    if @invite.nil? || @invite.expires_at < Time.now
      redirect_to login_url, alert: I18n.t('login.controller.error_invite_invalid')
    elsif @invite.group.nil?
      redirect_to login_url, alert: I18n.t('login.controller.error_group_invalid')
    elsif request.post?
      User.transaction do
        @user = User.new(params[:user])
        @user.email = @invite.email
        if @user.save
          Membership.new(user: @user, group: @invite.group).save!
          @invite.destroy
          session[:locale] = @user.locale
          redirect_to login_url, notice: I18n.t('login.controller.accept_invitation.notice')
        end
      end
    else
      @user = User.new(email: @invite.email)
    end
  end

  protected

  def validate_token
    @user = User.find_by_id_and_reset_password_token(params[:id], params[:token])
    return unless @user.nil? || @user.reset_password_expires < Time.now

    redirect_to forgot_password_url, alert: I18n.t('login.controller.error_token_invalid')
  end
end
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`class LoginController < ApplicationController`
Run rubocop --fix-layout and remove encoding comments 2021-03-01 15:27:26 +01:00			`skip_before_action :authenticate # no authentication since this is the login page`
chore: rubocop chore: fix api test conventions chore: rubocop -A spec/ chore: more rubocop -A fix failing test rubocop fixes removes helper methods that are in my opinion dead code more rubocop fixes rubocop -a --auto-gen-config 2023-05-12 13:01:12 +02:00			`before_action :validate_token, only: %i[new_password update_password]`
Fixed bug in password reset feature. * Translated messages * Cleaned up some code 2009-04-17 12:06:36 +02:00
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`# Display the form to enter an email address requesting a token to set a new password.`
			`def forgot_password`
Big feactoring and bug fixing, Mailer, Tasks, GroupOrders 2012-08-24 11:11:40 +02:00			`@user = User.new`
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`end`
Run rubocop --fix-layout and remove encoding comments 2021-03-01 15:27:26 +01:00
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`# Sends an email to a user with the token that allows setting a new password through action "password".`
			`def reset_password`
chore: rubocop chore: fix api test conventions chore: rubocop -A spec/ chore: more rubocop -A fix failing test rubocop fixes removes helper methods that are in my opinion dead code more rubocop fixes rubocop -a --auto-gen-config 2023-05-12 13:01:12 +02:00			`redirect_to forgot_password_url, alert: I18n.t('errors.general_again') and return if request.get? \|\| params[:user].nil? # Catch for get request and give better error message.`
Fixed error message, when using GET for password reset actions. 2013-03-27 22:18:58 +01:00
Add deleted_at for User Do not remove the user from the database. Mark as deleted instead. 2016-03-04 19:03:52 +01:00			`if (user = User.undeleted.find_by_email(params[:user][:email]))`
Bundle update & restructure tests (RSpec 3) 2015-04-24 15:19:57 +02:00			`user.request_password_reset!`
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`end`
chore: rubocop chore: fix api test conventions chore: rubocop -A spec/ chore: more rubocop -A fix failing test rubocop fixes removes helper methods that are in my opinion dead code more rubocop fixes rubocop -a --auto-gen-config 2023-05-12 13:01:12 +02:00			`redirect_to login_url, notice: I18n.t('login.controller.reset_password.notice')`
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`end`
Run rubocop --fix-layout and remove encoding comments 2021-03-01 15:27:26 +01:00
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`# Set a new password with a token from the password reminder email.`
			`# Called with params :id => User.id and :token => User.reset_password_token to specify a new password.`
chore: rubocop chore: fix api test conventions chore: rubocop -A spec/ chore: more rubocop -A fix failing test rubocop fixes removes helper methods that are in my opinion dead code more rubocop fixes rubocop -a --auto-gen-config 2023-05-12 13:01:12 +02:00			`def new_password; end`
Run rubocop --fix-layout and remove encoding comments 2021-03-01 15:27:26 +01:00
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`# Sets a new password.`
			`# Called with params :id => User.id and :token => User.reset_password_token to specify a new password.`
Fixed bug in password reset feature. * Translated messages * Cleaned up some code 2009-04-17 12:06:36 +02:00			`def update_password`
			`@user.attributes = params[:user]`
			`if @user.valid?`
			`@user.reset_password_token = nil`
			`@user.reset_password_expires = nil`
			`@user.save`
chore: rubocop chore: fix api test conventions chore: rubocop -A spec/ chore: more rubocop -A fix failing test rubocop fixes removes helper methods that are in my opinion dead code more rubocop fixes rubocop -a --auto-gen-config 2023-05-12 13:01:12 +02:00			`redirect_to login_url, notice: I18n.t('login.controller.update_password.notice')`
Fixed bug in password reset feature. * Translated messages * Cleaned up some code 2009-04-17 12:06:36 +02:00			`else`
Fixed login, new_password and invitation views. 2012-10-08 11:51:56 +02:00			`render :new_password`
Fixed bug in password reset feature. * Translated messages * Cleaned up some code 2009-04-17 12:06:36 +02:00			`end`
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`end`

Fixed login, new_password and invitation views. 2012-10-08 11:51:56 +02:00			`# For invited users.`
			`def accept_invitation`
			`@invite = Invite.find_by_token(params[:token])`
Fixed missing templates in accept invitation action. 2013-03-23 17:51:33 +01:00			`if @invite.nil? \|\| @invite.expires_at < Time.now`
fix login i18n 2013-04-26 21:32:19 +02:00			`redirect_to login_url, alert: I18n.t('login.controller.error_invite_invalid')`
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`elsif @invite.group.nil?`
fix login i18n 2013-04-26 21:32:19 +02:00			`redirect_to login_url, alert: I18n.t('login.controller.error_group_invalid')`
Fixed missing templates in accept invitation action. 2013-03-23 17:51:33 +01:00			`elsif request.post?`
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`User.transaction do`
			`@user = User.new(params[:user])`
			`@user.email = @invite.email`
Refactoring of invitations. 2009-02-02 00:09:50 +01:00			`if @user.save`
chore: rubocop chore: fix api test conventions chore: rubocop -A spec/ chore: more rubocop -A fix failing test rubocop fixes removes helper methods that are in my opinion dead code more rubocop fixes rubocop -a --auto-gen-config 2023-05-12 13:01:12 +02:00			`Membership.new(user: @user, group: @invite.group).save!`
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`@invite.destroy`
finishes i18n set_locale with user settings 2013-06-14 02:39:25 +02:00			`session[:locale] = @user.locale`
fix login i18n 2013-04-26 21:32:19 +02:00			`redirect_to login_url, notice: I18n.t('login.controller.accept_invitation.notice')`
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`end`
			`end`
			`else`
chore: rubocop chore: fix api test conventions chore: rubocop -A spec/ chore: more rubocop -A fix failing test rubocop fixes removes helper methods that are in my opinion dead code more rubocop fixes rubocop -a --auto-gen-config 2023-05-12 13:01:12 +02:00			`@user = User.new(email: @invite.email)`
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`end`
			`end`
Fixed bug in password reset feature. * Translated messages * Cleaned up some code 2009-04-17 12:06:36 +02:00
			`protected`

			`def validate_token`
			`@user = User.find_by_id_and_reset_password_token(params[:id], params[:token])`
chore: rubocop chore: fix api test conventions chore: rubocop -A spec/ chore: more rubocop -A fix failing test rubocop fixes removes helper methods that are in my opinion dead code more rubocop fixes rubocop -a --auto-gen-config 2023-05-12 13:01:12 +02:00			`return unless @user.nil? \|\| @user.reset_password_expires < Time.now`

			`redirect_to forgot_password_url, alert: I18n.t('login.controller.error_token_invalid')`
Fixed bug in password reset feature. * Translated messages * Cleaned up some code 2009-04-17 12:06:36 +02:00			`end`
Initial commit of foodsoft 2 2009-01-06 11:49:19 +01:00			`end`