4bbd93ded1
Adding the .ruby-verison file triggered previously un-run cops, specifically: This cop is designed to help upgrade to Ruby 3.0. It will add the comment `# frozen_string_literal: true` to the top of files to enable frozen string literals. Frozen string literals will be default in Ruby 3.0. The comment will be added below a shebang and encoding comment. The frozen string literal comment is only valid in Ruby 2.3+. More info on rubocop [Automatic-Corrections](https://github.com/bbatsov/rubocop/wiki/Automatic-Corrections)
66 lines
1.7 KiB
Ruby
66 lines
1.7 KiB
Ruby
# frozen_string_literal: true
|
|
module Admin
|
|
class AuthController < AdminController
|
|
skip_before_action :authorize_admin
|
|
|
|
def login
|
|
end
|
|
|
|
def auth
|
|
admin = User.find_by(email: auth_params[:email], role: 'admin')
|
|
|
|
if admin && admin.authenticate(auth_params[:password])
|
|
session[:user] = admin.to_i
|
|
redirect_to admin_path
|
|
else
|
|
redirect_to admin_login_path,
|
|
flash: { error: "Sorry, incorrect email or password. Please try again." }
|
|
end
|
|
end
|
|
|
|
def logout
|
|
reset_session
|
|
redirect_to admin_login_path
|
|
end
|
|
|
|
def reset_request
|
|
end
|
|
|
|
def send_reset
|
|
user = User.find_by(email: request_params[:email])
|
|
redirect_to(admin_reset_request_path) and return if user.nil?
|
|
|
|
user.setup_reset
|
|
UserMailer.password_reset(user).deliver_now
|
|
redirect_to admin_reset_request_path,
|
|
success: "Reset request sent! Please check your email for instructions."
|
|
end
|
|
|
|
def reset
|
|
user = User.find_by(reset_token: params[:reset_token])
|
|
redirect_to(admin_reset_request_path) and return if user.nil?
|
|
end
|
|
|
|
def reset_password
|
|
user = User.find_by(reset_token: params[:reset_token])
|
|
redirect_to(admin_reset_request_path) and return if user.nil?
|
|
|
|
if user.update(reset_params)
|
|
redirect_to admin_login_path, success: "Password has been reset. Please log in."
|
|
else
|
|
redirect_to admin_reset_request_path, flash: { error: "Password was not updated." }
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def request_params
|
|
params.require(:auth).permit(:email)
|
|
end
|
|
|
|
def reset_params
|
|
params.require(:auth).permit(:password, :password_confirmation)
|
|
end
|
|
end
|
|
end
|