app/controllers/users/passwords_controller.rb
# frozen_string_literal: true
class Users::PasswordsController < Devise::PasswordsController
# GET /resource/password/new
# def new
# super
# end
# POST /resource/password
def create
self.resource = resource_class.send_reset_password_instructions(resource_params)
yield resource if block_given?
if successfully_sent?(resource)
respond_with(resource) do |format|
format.json { render json: {}, status: 201 }
end
else
respond_with(resource)
end
end
# GET /resource/password/edit?reset_password_token=abcdef
# def edit
# super
# end
# PUT /resource/password
def update
self.resource = resource_class.reset_password_by_token(resource_params)
yield resource if block_given?
if resource.errors.empty?
resource.unlock_access! if unlockable?(resource)
if Devise.sign_in_after_reset_password
flash_message = resource.active_for_authentication? ? :updated : :updated_not_active
set_flash_message!(:notice, flash_message)
resource.after_database_authentication
sign_in(resource_name, resource)
else
set_flash_message!(:notice, :updated_not_active)
end
respond_with(resource) do |format|
format.json { render json: resource.as_json.merge(jwt: encode_token({id: resource.id, api_key: resource.api_key})), status: 201 }
end
else
set_minimum_password_length
respond_with(resource) do |format|
format.json { render json: { message: resource.errors.full_messages.to_sentence }, status: 201 }
end
end
end
# protected
# def after_resetting_password_path_for(resource)
# super(resource)
# end
# The path used after sending reset password instructions
# def after_sending_reset_password_instructions_path_for(resource_name)
# super(resource_name)
# end
private
def encode_token(payload)
JWT.encode(payload, 's3cr3t')
end
end