class Devise::PasswordsController

Public Instance Methods

create() { |resource| ... } click to toggle source

POST /resource/password

# File app/controllers/devise/passwords_controller.rb, line 12
def create
  self.resource = resource_class.send_reset_password_instructions(resource_params)
  yield resource if block_given?

  if successfully_sent?(resource)
    respond_with({}, location: after_sending_reset_password_instructions_path_for(resource_name))
  else
    respond_with(resource)
  end
end
edit() click to toggle source

GET /resource/password/edit?reset_password_token=abcdef

# File app/controllers/devise/passwords_controller.rb, line 24
def edit
  self.resource = resource_class.new
  set_minimum_password_length
  resource.reset_password_token = params[:reset_password_token]
end
new() click to toggle source

GET /resource/password/new

# File app/controllers/devise/passwords_controller.rb, line 7
def new
  self.resource = resource_class.new
end
update() { |resource| ... } click to toggle source

PUT /resource/password

# File app/controllers/devise/passwords_controller.rb, line 31
def update
  self.resource = resource_class.reset_password_by_token(resource_params)
  yield resource if block_given?

  if resource.errors.empty?
    resource.unlock_access! if unlockable?(resource)
    if Devise.sign_in_after_reset_password
      flash_message = resource.active_for_authentication? ? :updated : :updated_not_active
      set_flash_message(:notice, flash_message) if is_flashing_format?
      sign_in(resource_name, resource)
    else
      set_flash_message(:notice, :updated_not_active) if is_flashing_format?
    end
    respond_with resource, location: after_resetting_password_path_for(resource)
  else
    set_minimum_password_length
    respond_with resource
  end
end

Protected Instance Methods

after_resetting_password_path_for(resource) click to toggle source
# File app/controllers/devise/passwords_controller.rb, line 52
def after_resetting_password_path_for(resource)
  Devise.sign_in_after_reset_password ? after_sign_in_path_for(resource) : new_session_path(resource_name)
end
after_sending_reset_password_instructions_path_for(resource_name) click to toggle source

The path used after sending reset password instructions

# File app/controllers/devise/passwords_controller.rb, line 57
def after_sending_reset_password_instructions_path_for(resource_name)
  new_session_path(resource_name) if is_navigational_format?
end
assert_reset_token_passed() click to toggle source

Check if a reset_password_token is provided in the request

# File app/controllers/devise/passwords_controller.rb, line 62
def assert_reset_token_passed
  if params[:reset_password_token].blank?
    set_flash_message(:alert, :no_token)
    redirect_to new_session_path(resource_name)
  end
end
translation_scope() click to toggle source
# File app/controllers/devise/passwords_controller.rb, line 77
def translation_scope
  'devise.passwords'
end
unlockable?(resource) click to toggle source

Check if proper Lockable module methods are present & unlock strategy allows to unlock resource on password reset

# File app/controllers/devise/passwords_controller.rb, line 71
def unlockable?(resource)
  resource.respond_to?(:unlock_access!) &&
    resource.respond_to?(:unlock_strategy_enabled?) &&
    resource.unlock_strategy_enabled?(:email)
end