POST /resource/password
# File app/controllers/devise/passwords_controller.rb, line 12 def create self.resource = resource_class.send_reset_password_instructions(resource_params) yield resource if block_given? if successfully_sent?(resource) respond_with({}, location: after_sending_reset_password_instructions_path_for(resource_name)) else respond_with(resource) end end
GET /resource/password/edit?reset_password_token=abcdef
# File app/controllers/devise/passwords_controller.rb, line 24 def edit self.resource = resource_class.new set_minimum_password_length resource.reset_password_token = params[:reset_password_token] end
GET /resource/password/new
# File app/controllers/devise/passwords_controller.rb, line 7 def new self.resource = resource_class.new end
PUT /resource/password
# File app/controllers/devise/passwords_controller.rb, line 31 def update self.resource = resource_class.reset_password_by_token(resource_params) yield resource if block_given? if resource.errors.empty? resource.unlock_access! if unlockable?(resource) if Devise.sign_in_after_reset_password flash_message = resource.active_for_authentication? ? :updated : :updated_not_active set_flash_message(:notice, flash_message) if is_flashing_format? sign_in(resource_name, resource) else set_flash_message(:notice, :updated_not_active) if is_flashing_format? end respond_with resource, location: after_resetting_password_path_for(resource) else set_minimum_password_length respond_with resource end end
# File app/controllers/devise/passwords_controller.rb, line 52 def after_resetting_password_path_for(resource) Devise.sign_in_after_reset_password ? after_sign_in_path_for(resource) : new_session_path(resource_name) end
The path used after sending reset password instructions
# File app/controllers/devise/passwords_controller.rb, line 57 def after_sending_reset_password_instructions_path_for(resource_name) new_session_path(resource_name) if is_navigational_format? end
Check if a reset_password_token is provided in the request
# File app/controllers/devise/passwords_controller.rb, line 62 def assert_reset_token_passed if params[:reset_password_token].blank? set_flash_message(:alert, :no_token) redirect_to new_session_path(resource_name) end end
# File app/controllers/devise/passwords_controller.rb, line 77 def translation_scope 'devise.passwords' end
Check if proper Lockable module methods are present & unlock strategy allows to unlock resource on password reset
# File app/controllers/devise/passwords_controller.rb, line 71 def unlockable?(resource) resource.respond_to?(:unlock_access!) && resource.respond_to?(:unlock_strategy_enabled?) && resource.unlock_strategy_enabled?(:email) end