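# Account-entry actions that run without a logged-in user: requesting and
# completing a password reset by token, and signing up through an invitation.
class LoginController < ApplicationController
  skip_before_action :authenticate # no authentication since this is the login page
  before_action :validate_token, only: [:new_password, :update_password]

  # Display the form to enter an email address requesting a token to set a new password.
  def forgot_password
    @user = User.new
  end

  # Starts a password reset for the submitted email address; the token is later
  # consumed by new_password / update_password.
  def reset_password
    if request.get? || params[:user].nil? # Catch for get request and give better error message.
      redirect_to forgot_password_url, alert: I18n.t('errors.general_again')
      return
    end

    # User#request_password_reset! is defined outside this file; presumably it
    # issues the token and sends the mail.
    if (user = User.undeleted.find_by_email(params[:user][:email]))
      user.request_password_reset!
    end

    # Same redirect and notice whether or not the address matched an account,
    # so this form does not reveal which addresses are registered.
    redirect_to login_url, notice: I18n.t('login.controller.reset_password.notice')
  end

  # Set a new password with a token from the password reminder email.
  # Called with params :id => User.id and :token => User.reset_password_token to specify a new password.
  # @user is loaded by the validate_token filter.
  def new_password
  end

  # Sets a new password.
  # Called with params :id => User.id and :token => User.reset_password_token to specify a new password.
  # @user is loaded by the validate_token filter.
  def update_password
    # NOTE(review): params[:user] is assigned wholesale. Which attributes a
    # token holder can change depends on protection declared on User, outside
    # this file -- confirm it is limited to the password fields.
    @user.attributes = params[:user]
    if @user.valid?
      # Clear the token so the reset link cannot be used a second time.
      @user.reset_password_token = nil
      @user.reset_password_expires = nil
      # NOTE(review): the result of save is not checked before reporting success.
      @user.save
      redirect_to login_url, notice: I18n.t('login.controller.update_password.notice')
    else
      render :new_password
    end
  end

  # For invited users.
  # GET shows the sign-up form for the invited address; POST creates the user,
  # adds the membership for the invite's group and consumes the invite.
  def accept_invitation
    # Only a non-empty string is looked up: a missing token would otherwise be
    # matched as NULL and could select an invite that has no token at all.
    token = params[:token]
    @invite = token.is_a?(String) && token.present? ? Invite.find_by_token(token) : nil

    if @invite.nil? || @invite.expires_at < Time.now
      redirect_to login_url, alert: I18n.t('login.controller.error_invite_invalid')
    elsif @invite.group.nil?
      redirect_to login_url, alert: I18n.t('login.controller.error_group_invalid')
    elsif request.post?
      User.transaction do
        # NOTE(review): params[:user] is passed wholesale; confirm User limits
        # which attributes a sign-up form may set.
        @user = User.new(params[:user])
        # The address always comes from the invite, never from the form.
        @user.email = @invite.email
        if @user.save
          Membership.new(user: @user, group: @invite.group).save!
          @invite.destroy
          session[:locale] = @user.locale
          redirect_to login_url, notice: I18n.t('login.controller.accept_invitation.notice')
        end
      end
    else
      @user = User.new(email: @invite.email)
    end
  end

  protected

  # Filter for new_password and update_password: loads @user from params[:id]
  # and params[:token], and redirects to the forgot-password form unless the
  # pair matches a user whose reset token has not expired.
  def validate_token
    # A blank id or token must never reach the finder: a nil token is matched
    # as NULL and would select an account that has no pending reset.
    token = params[:token]
    if params[:id].present? && token.is_a?(String) && token.present?
      @user = User.find_by_id_and_reset_password_token(params[:id], token)
    end

    # A matching user without an expiry is treated as expired instead of
    # raising on the comparison.
    expires_at = @user && @user.reset_password_expires
    return if expires_at && expires_at >= Time.now

    redirect_to forgot_password_url, alert: I18n.t('login.controller.error_token_invalid')
  end
end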