skill-assessment-app/app/controllers/admin/auth_controller.rb
2016-08-24 16:47:15 -05:00

65 lines
1.7 KiB
Ruby

module Admin
class AuthController < AdminController
skip_before_action :authorize_admin
def login
end
def auth
admin = User.find_by(email: auth_params[:email], role: 'admin')
if admin && admin.authenticate(auth_params[:password])
session[:user] = admin.to_i
redirect_to admin_path
else
redirect_to admin_login_path,
flash: { error: "Sorry, incorrect email or password. Please try again." }
end
end
def logout
reset_session
redirect_to admin_login_path
end
def reset_request
end
def send_reset
user = User.find_by(email: request_params[:email])
redirect_to(admin_reset_request_path) and return if user.nil?
user.setup_reset
UserMailer.password_reset(user).deliver_now
redirect_to admin_reset_request_path,
success: "Reset request sent! Please check your email for instructions."
end
def reset
user = User.find_by(reset_token: params[:reset_token])
redirect_to(admin_reset_request_path) and return if user.nil?
end
def reset_password
user = User.find_by(reset_token: params[:reset_token])
redirect_to(admin_reset_request_path) and return if user.nil?
if user.update(reset_params)
redirect_to admin_login_path, success: "Password has been reset. Please log in."
else
redirect_to admin_reset_request_path, flash: { error: "Password was not updated." }
end
end
private
def request_params
params.require(:auth).permit(:email)
end
def reset_params
params.require(:auth).permit(:password, :password_confirmation)
end
end
end