app/controllers/password_resets_controller.rb
class PasswordResetsController < ApplicationController
skip_before_filter :ensure_authenticated
def new
end
def create
@email = params[:email]
if @member = co.members.where(:email => @email).first
@member.new_password_reset_code!
@member.save!
MembersMailer.password_reset(@member).deliver
end
render(:action => :show)
end
def edit
@password_reset_code = params[:id]
@member = Member.find_by_password_reset_code(@password_reset_code)
unless @member
render_404
end
end
def update
@password_reset_code = params[:id]
@member = Member.find_by_password_reset_code(@password_reset_code)
@member.attributes = params[:member]
if @member.save
@member.clear_password_reset_code!
log_in(@member)
flash[:notice] = "Your new password has been saved."
redirect_to(root_path)
else
flash.now[:error] = "There was a problem with your new details."
render(:action => :edit)
end
end
end