skill-assessment-app/app/controllers/admin/auth_controller.rb

# frozen_string_literal: true
module Admin
  class AuthController < AdminController
    skip_before_action :authorize_user

    def login
    end

    def auth
      user = User.find_by(email: auth_params[:email])

      if user && user.authenticate(auth_params[:password])
        session[:user] = user.to_i
        redirect_to admin_path
      else
        redirect_to admin_login_path,
                    flash: { error: "Sorry, incorrect email or password. Please try again." }
      end
    end

    def logout
      reset_session
      redirect_to admin_login_path
    end

    def reset_request
    end

    def send_reset
      user = User.find_by(email: request_params[:email])
      redirect_to(admin_reset_request_path) and return if user.nil?

      user.setup_reset
      UserMailer.password_reset(user).deliver_later
      redirect_to admin_reset_request_path,
                  success: "Reset request sent! Please check your email for instructions."
    end

    def reset
      user = User.find_by(reset_token: params[:reset_token])
      redirect_to(admin_reset_request_path) and return if user.nil?
    end

    def reset_password
      user = User.find_by(reset_token: params[:reset_token])
      redirect_to(admin_reset_request_path) and return if user.nil?

      if user.update(reset_params)
        redirect_to admin_login_path, success: "Password has been reset. Please log in."
      else
        redirect_to admin_reset_request_path, flash: { error: "Password was not updated." }
      end
    end

    private

      def request_params
        params.require(:auth).permit(:email)
      end

      def reset_params
        params.require(:auth).permit(:password, :password_confirmation)
      end
  end
end
rubocop noise: fixes FrozenStringLiteralComment Adding the .ruby-verison file triggered previously un-run cops, specifically: This cop is designed to help upgrade to Ruby 3.0. It will add the comment `# frozen_string_literal: true` to the top of files to enable frozen string literals. Frozen string literals will be default in Ruby 3.0. The comment will be added below a shebang and encoding comment. The frozen string literal comment is only valid in Ruby 2.3+. More info on rubocop [Automatic-Corrections](https://github.com/bbatsov/rubocop/wiki/Automatic-Corrections) 2016-09-08 10:25:33 -05:00			`# frozen_string_literal: true`
admin interface generation 2016-08-17 17:49:09 -05:00			`module Admin`
			`class AuthController < AdminController`
current_admin to current_user => prep for pundit 2016-09-19 14:25:17 -05:00			`skip_before_action :authorize_user`
admin controller tests, sans question 2016-08-18 15:35:17 -05:00
admin interface generation 2016-08-17 17:49:09 -05:00			`def login`
			`end`

			`def auth`
current_admin to current_user => prep for pundit 2016-09-19 14:25:17 -05:00			`user = User.find_by(email: auth_params[:email])`
admin controller tests, sans question 2016-08-18 15:35:17 -05:00
current_admin to current_user => prep for pundit 2016-09-19 14:25:17 -05:00			`if user && user.authenticate(auth_params[:password])`
			`session[:user] = user.to_i`
admin controller tests, sans question 2016-08-18 15:35:17 -05:00			`redirect_to admin_path`
			`else`
			`redirect_to admin_login_path,`
			`flash: { error: "Sorry, incorrect email or password. Please try again." }`
			`end`
admin interface generation 2016-08-17 17:49:09 -05:00			`end`

			`def logout`
admin controller tests, sans question 2016-08-18 15:35:17 -05:00			`reset_session`
			`redirect_to admin_login_path`
admin interface generation 2016-08-17 17:49:09 -05:00			`end`
password reset requests 2016-08-24 15:02:32 -05:00
			`def reset_request`
			`end`

			`def send_reset`
			`user = User.find_by(email: request_params[:email])`
			`redirect_to(admin_reset_request_path) and return if user.nil?`

			`user.setup_reset`
deliver_later for controller actions. 2016-09-14 14:38:26 -05:00			`UserMailer.password_reset(user).deliver_later`
password reset requests 2016-08-24 15:02:32 -05:00			`redirect_to admin_reset_request_path,`
			`success: "Reset request sent! Please check your email for instructions."`
			`end`

			`def reset`
			`user = User.find_by(reset_token: params[:reset_token])`
			`redirect_to(admin_reset_request_path) and return if user.nil?`
			`end`

			`def reset_password`
			`user = User.find_by(reset_token: params[:reset_token])`
			`redirect_to(admin_reset_request_path) and return if user.nil?`

			`if user.update(reset_params)`
			`redirect_to admin_login_path, success: "Password has been reset. Please log in."`
			`else`
test cleanup 2016-08-24 16:47:15 -05:00			`redirect_to admin_reset_request_path, flash: { error: "Password was not updated." }`
password reset requests 2016-08-24 15:02:32 -05:00			`end`
			`end`

			`private`

			`def request_params`
			`params.require(:auth).permit(:email)`
			`end`

			`def reset_params`
			`params.require(:auth).permit(:password, :password_confirmation)`
			`end`
admin interface generation 2016-08-17 17:49:09 -05:00			`end`
			`end`