Re: Implement "forgot password" in restful authentication plugin
Thanks for the post.
So reset_notification.rhtml and stuff belongs in restful authentication plugin folder?
Re: Implement "forgot password" in restful authentication plugin
can anyone see anything super obvious here that is causing my reset passwords to not commit?
it has just started to fail..
account controller
#reset password
def reset_password
@title = "Reset Password"
@user = User.find_by_password_reset_code(params[:password_reset_code]) unless params[:password_reset_code].nil?
#raise if @user.nil?return if @user unless params[:user]
#if ((params[:user][:password] == params[:user][:password_confirmation]) && !params[:user][:password_confirmation].blank?)
if (params[:user][:password] == params[:user][:password_confirmation])
self.current_user = @user #for the next two lines to work
current_user.password_confirmation = params[:user][:password_confirmation]
current_user.password = params[:user][:password]
@user.reset_password
reset_session # this forces the user to login
flash[:notice] = current_user.save ? "Done, Your is Password reset - Login Now to try your new Password" : "Password not reset. Hint, make your Password atleast 8 characters long."
redirect_back_or_default('/')
else
flash[:notice] = "Password mismatch.. please try again"
end
rescue
logger.error "Invalid Reset Code entered"
flash[:notice] = "That is an invalid password reset action. Please check your email and try again."
redirect_back_or_default('/')
end
# user model
# Clear the password (typically to suppress its display in a view).
def clear_password!
self.password = nil
self.password_confirmation = nil
self.current_password = nil
end
#forgot password params
def forgot_password
@forgotten_password = true
self.make_password_reset_code
save(false)
end#used in user_observer
def recently_forgot_password?
@forgotten_password
enddef reset_password
# First update the password_reset_code before setting the
# reset_password flag to avoid duplicate email notifications.
update_attributes(:password_reset_code => nil)
@reset_password = true
end#used in user_observer
def recently_reset_password?
@reset_password
end
- lenart
- Passenger
- Offline
Re: Implement "forgot password" in restful authentication plugin
I noticed that the assigment through self.attributes is not working in Rails 2.0.2.
I had to change 2 lines in the User model (user.rb)
def create_reset_code
@reset = true
# self.attributes = {:reset_code => Digest::SHA1.hexdigest( Time.now.to_s.split(//).sort_by {rand}.join )}
self.reset_code = Digest::SHA1.hexdigest( Time.now.to_s.split(//).sort_by {rand}.join )
save(false)
end
def recently_reset?
@reset
enddef delete_reset_code
#self.attributes = {:reset_code => nil}
self.reset_code = nil
save(false)
end
Another thing I noticed is that the code in user_observer.rb calls UserNotifier instead of UserMailer which is used by restful_authentication.
def after_save(user)
UserMailer.deliver_activation(user) if user.pending?
UserMailer.deliver_reset_notification(user) if user.recently_reset?
end
Re: Implement "forgot password" in restful authentication plugin
Thanks for posting all of this. I was able to identify the problem where it was calling UserNotifier instead of UserMailer but the self.attributes issue really had me stumped for a while.. thanks!
Re: Implement "forgot password" in restful authentication plugin
I believe the self.attributes problem is related to the
attr_accessible settings in the model.
Add :reset_code to it and things should work I belive
Re: Implement "forgot password" in restful authentication plugin
I have updated these instructions for additional robustness and fixes for the latest version of restful_authentication: http://validatesconfirmationof.blogspot … re-to.html