Added basic password recovery emails

12 years ago · 4c38bcdc49
--- a/README.md
+++ b/README.md
@@ -1 +1,9 @@
 .
 Before installing/deploying:

    $ export APOLLO_HOSTNAME=example.org
    
 On Heroku:

    $ heroku config:add APOLLO_HOSTNAME=example.org

 Replace `example.org` with your own hostname. When running locally this will probably be `localhost:3000`.
--- a/app/assets/stylesheets/scaffolds.css.scss
+++ b/app/assets/stylesheets/scaffolds.css.scss
@@ -32,7 +32,18 @@ div {
     } }

 #notice {
  color: green; }
  background-color: green;
  color: white;
  padding: 5px 10px;
  font-size: 1.2rem;
 }

 #alert {
  background-color: red;
  color: white;
  padding: 5px 10px;
  font-size: 1.2rem;
 }

 .field_with_errors {
  padding: 2px;
@@ -132,3 +143,7 @@ h2 {
  font-size: 1.0rem;
  border-radius: 10px;
 }

 #userbar {
  background-color: #eee;
 }
--- a/app/controllers/password_resets_controller.rb
+++ b/app/controllers/password_resets_controller.rb
@@ -1,8 +1,16 @@
 class PasswordResetsController < ApplicationController
 #   before_filter :require_no_user
    
  def create
    @user = User.find_by_email(params[:email])
    @user.deliver_reset_password_instructions! if @user
    redirect_to(root_path, :notice => "Instructions have been sent to your email.")

    if @user
      unless @user.deliver_reset_password_instructions!
        redirect_to(root_path, :notice => "Please wait a while before requesting another password reset.")
        return
      end
    end
    redirect_to(new_password_reset_path, :notice => "Instructions have been sent to your email.")
  end

  def edit
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -12,14 +12,14 @@ class UsersController < ApplicationController

  # GET /users/1
  # GET /users/1.json
  def show
    @user = User.find(params[:id])

    respond_to do |format|
      format.html # show.html.erb
      format.json { render json: @user }
    end
  end
 #   def show
 #     @user = User.find(params[:id])
 # 
 #     respond_to do |format|
 #       format.html # show.html.erb
 #       format.json { render json: @user }
 #     end
 #   end

  # GET /users/new
  # GET /users/new.json
@@ -44,7 +44,7 @@ class UsersController < ApplicationController

    respond_to do |format|
      if @user.save
        format.html { redirect_to @user, notice: 'User was successfully created.' }
        format.html { redirect_to users_path, notice: 'User was successfully created.' }
        format.json { render json: @user, status: :created, location: @user }
      else
        format.html { render action: "new" }
@@ -71,13 +71,13 @@ class UsersController < ApplicationController

  # DELETE /users/1
  # DELETE /users/1.json
  def destroy
    @user = User.find(params[:id])
    @user.destroy

    respond_to do |format|
      format.html { redirect_to users_url }
      format.json { head :no_content }
    end
  end
 #   def destroy
 #     @user = User.find(params[:id])
 #     @user.destroy
 # 
 #     respond_to do |format|
 #       format.html { redirect_to users_url }
 #       format.json { head :no_content }
 #     end
 #   end
 end
--- a/app/mailers/user_mailer.rb
+++ b/app/mailers/user_mailer.rb
@@ -8,7 +8,7 @@ class UserMailer < ActionMailer::Base
  #
  def reset_password_email(user)
    @user = user
    @url = "http://localhost:3000/password_resets/#{user.reset_password_token}/edit"
    @url = edit_password_reset_url(user.reset_password_token)
    mail(:to => user.email, :subject => "Your password has been reset")
  end
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -4,6 +4,7 @@ class User
  key :email, String
  key :crypted_password, String
  key :salt, String
  timestamps!
  
  authenticates_with_sorcery!
 #   attr_accessible :email, :password, :password_confirmation
--- a/app/views/layouts/application.html.haml
+++ b/app/views/layouts/application.html.haml
@@ -8,6 +8,12 @@

  
  %body
    - if notice
      %p#notice= notice

    - if alert
      %p#alert= alert
    
    = link_to(image_tag("TAL_logo_blue-h100.png", :size => "275x100", :alt => "Talk About Local logo"), :root, :class => "logo")
    
    #userbar
@@ -16,9 +22,8 @@
        = current_user.email
        = link_to "Log out", logout_path
      - else
        = link_to "Log in", login_path
    
    %p#notice= notice
        -#
          = link_to "Log in", login_path
    
    = yield  

--- a/app/views/password_resets/new.html.haml
+++ b/app/views/password_resets/new.html.haml
@@ -0,0 +1,11 @@
 %h1 Reset your password

 %p Type your email address here and we'll send you a link to a page where you can choose a new password.

 = form_tag password_resets_path, :method => :post do
  .field
    = label_tag :email
    %br
    = text_field_tag :email
    = submit_tag "Reset my password"
    
--- a/app/views/sessions/new.html.haml
+++ b/app/views/sessions/new.html.haml
@@ -18,6 +18,4 @@
  .actions
    = submit_tag "Log in"
    
 %h1 Forgotten your password?

 = render "forgot_password_form"
 = link_to "Forgotten your password?", new_password_reset_path
--- a/app/views/user_mailer/reset_password_email.text.haml
+++ b/app/views/user_mailer/reset_password_email.text.haml
@@ -1,4 +1,5 @@
 Hello,

 = @user.email

 You have requested to reset your password.
--- a/app/views/users/_form.html.haml
+++ b/app/views/users/_form.html.haml
@@ -8,12 +8,15 @@

  .field
    = f.label :email
    %br
    = f.text_field :email
  .field
    = f.label :password
    %br
    = f.password_field :password
  .field
    = f.label :password_confirmation
    %br
    = f.password_field :password_confirmation
  .actions
    = f.submit 'Save'
--- a/app/views/users/index.html.haml
+++ b/app/views/users/index.html.haml
@@ -1,23 +1,15 @@
 %h1 Listing users
 %h1 Users

 = link_to 'New User', new_user_path, :class => 'button'

 %table
  %tr
    %th Email
    %th Crypted password
    %th Salt
    %th
    %th
    %th
    %th Joined

  - @users.each do |user|
    %tr
      %td= user.email
      %td= user.crypted_password
      %td= user.salt
      %td= link_to 'Show', user
      %td= link_to 'Edit', edit_user_path(user)
      %td= link_to 'Destroy', user, :confirm => 'Are you sure?', :method => :delete

 %br

 = link_to 'New User', new_user_path
      %td= link_to user.email, "mailto:#{user.email}"
      %td
        = time_ago_in_words(user.created_at)
        ago
--- a/config/application.rb
+++ b/config/application.rb
@@ -15,8 +15,11 @@ if defined?(Bundler)
  # Bundler.require(:default, :assets, Rails.env)
 end


 module Apollo
  class Application < Rails::Application
    config.action_mailer.default_url_options = { :host => ENV['APOLLO_HOSTNAME'] }
    
    # Settings in config/environments/* take precedence over those specified here.
    # Application configuration should go into files in config/initializers
    # -- all .rb files in that directory are automatically loaded.
--- a/config/initializers/sorcery.rb
+++ b/config/initializers/sorcery.rb
@@ -303,7 +303,7 @@ Rails.application.config.sorcery.configure do |config|
    # hammering protection, how long to wait before allowing another email to be sent.
    # Default: `5 * 60`
    #
    # user.reset_password_time_between_emails =
    user.reset_password_time_between_emails = 1 * 60


    # -- brute_force_protection --