2016-08-17 17:49:09 -05:00
|
|
|
module Admin
|
|
|
|
class AuthController < AdminController
|
2016-08-18 15:35:17 -05:00
|
|
|
skip_before_action :authorize_admin
|
|
|
|
|
2016-08-17 17:49:09 -05:00
|
|
|
def login
|
|
|
|
end
|
|
|
|
|
|
|
|
def auth
|
2016-08-18 15:35:17 -05:00
|
|
|
admin = User.find_by(email: auth_params[:email], role: 'admin')
|
|
|
|
|
|
|
|
if admin && admin.authenticate(auth_params[:password])
|
|
|
|
session[:user] = admin.to_i
|
|
|
|
redirect_to admin_path
|
|
|
|
else
|
|
|
|
redirect_to admin_login_path,
|
|
|
|
flash: { error: "Sorry, incorrect email or password. Please try again." }
|
|
|
|
end
|
2016-08-17 17:49:09 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
def logout
|
2016-08-18 15:35:17 -05:00
|
|
|
reset_session
|
|
|
|
redirect_to admin_login_path
|
2016-08-17 17:49:09 -05:00
|
|
|
end
|
2016-08-24 15:02:32 -05:00
|
|
|
|
|
|
|
def reset_request
|
|
|
|
end
|
|
|
|
|
|
|
|
def send_reset
|
|
|
|
user = User.find_by(email: request_params[:email])
|
|
|
|
redirect_to(admin_reset_request_path) and return if user.nil?
|
|
|
|
|
|
|
|
user.setup_reset
|
2016-08-24 16:26:07 -05:00
|
|
|
UserMailer.password_reset(user).deliver_now
|
2016-08-24 15:02:32 -05:00
|
|
|
redirect_to admin_reset_request_path,
|
|
|
|
success: "Reset request sent! Please check your email for instructions."
|
|
|
|
end
|
|
|
|
|
|
|
|
def reset
|
|
|
|
user = User.find_by(reset_token: params[:reset_token])
|
|
|
|
redirect_to(admin_reset_request_path) and return if user.nil?
|
|
|
|
end
|
|
|
|
|
|
|
|
def reset_password
|
|
|
|
user = User.find_by(reset_token: params[:reset_token])
|
|
|
|
redirect_to(admin_reset_request_path) and return if user.nil?
|
|
|
|
|
|
|
|
if user.update(reset_params)
|
|
|
|
redirect_to admin_login_path, success: "Password has been reset. Please log in."
|
|
|
|
else
|
|
|
|
redirect_to(admin_reset_request_path)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def request_params
|
|
|
|
params.require(:auth).permit(:email)
|
|
|
|
end
|
|
|
|
|
|
|
|
def reset_params
|
|
|
|
params.require(:auth).permit(:password, :password_confirmation)
|
|
|
|
end
|
2016-08-17 17:49:09 -05:00
|
|
|
end
|
|
|
|
end
|