skill-assessment-app/app/controllers/admin/auth_controller.rb

65 lines
1.7 KiB
Ruby
Raw Normal View History

2016-08-17 17:49:09 -05:00
module Admin
class AuthController < AdminController
2016-08-18 15:35:17 -05:00
skip_before_action :authorize_admin
2016-08-17 17:49:09 -05:00
def login
end
def auth
2016-08-18 15:35:17 -05:00
admin = User.find_by(email: auth_params[:email], role: 'admin')
if admin && admin.authenticate(auth_params[:password])
session[:user] = admin.to_i
redirect_to admin_path
else
redirect_to admin_login_path,
flash: { error: "Sorry, incorrect email or password. Please try again." }
end
2016-08-17 17:49:09 -05:00
end
def logout
2016-08-18 15:35:17 -05:00
reset_session
redirect_to admin_login_path
2016-08-17 17:49:09 -05:00
end
2016-08-24 15:02:32 -05:00
def reset_request
end
def send_reset
user = User.find_by(email: request_params[:email])
redirect_to(admin_reset_request_path) and return if user.nil?
user.setup_reset
2016-08-24 16:26:07 -05:00
UserMailer.password_reset(user).deliver_now
2016-08-24 15:02:32 -05:00
redirect_to admin_reset_request_path,
success: "Reset request sent! Please check your email for instructions."
end
def reset
user = User.find_by(reset_token: params[:reset_token])
redirect_to(admin_reset_request_path) and return if user.nil?
end
def reset_password
user = User.find_by(reset_token: params[:reset_token])
redirect_to(admin_reset_request_path) and return if user.nil?
if user.update(reset_params)
redirect_to admin_login_path, success: "Password has been reset. Please log in."
else
2016-08-24 16:47:15 -05:00
redirect_to admin_reset_request_path, flash: { error: "Password was not updated." }
2016-08-24 15:02:32 -05:00
end
end
private
def request_params
params.require(:auth).permit(:email)
end
def reset_params
params.require(:auth).permit(:password, :password_confirmation)
end
2016-08-17 17:49:09 -05:00
end
end