Added basic password recovery emails

README.md

@@ -1 +1,9 @@
-.
+Before installing/deploying:
+
+    $ export APOLLO_HOSTNAME=example.org
+    
+On Heroku:
+
+    $ heroku config:add APOLLO_HOSTNAME=example.org
+
+Replace `example.org` with your own hostname. When running locally this will probably be `localhost:3000`.

app/assets/stylesheets/scaffolds.css.scss

@@ -32,7 +32,18 @@ div {
      } }
 
 #notice {
-  color: green; }
+  background-color: green;
+  color: white;
+  padding: 5px 10px;
+  font-size: 1.2rem;
+}
+
+#alert {
+  background-color: red;
+  color: white;
+  padding: 5px 10px;
+  font-size: 1.2rem;
+}
 
 .field_with_errors {
   padding: 2px;
@@ -132,3 +143,7 @@ h2 {
   font-size: 1.0rem;
   border-radius: 10px;
 }
+
+#userbar {
+  background-color: #eee;
+}

app/controllers/password_resets_controller.rb

@@ -1,8 +1,16 @@
 class PasswordResetsController < ApplicationController
+#   before_filter :require_no_user
+    
   def create
     @user = User.find_by_email(params[:email])
-    @user.deliver_reset_password_instructions! if @user
-    redirect_to(root_path, :notice => "Instructions have been sent to your email.")
+
+    if @user
+      unless @user.deliver_reset_password_instructions!
+        redirect_to(root_path, :notice => "Please wait a while before requesting another password reset.")
+        return
+      end
+    end
+    redirect_to(new_password_reset_path, :notice => "Instructions have been sent to your email.")
   end
 
   def edit

app/controllers/users_controller.rb

@@ -12,14 +12,14 @@ class UsersController < ApplicationController
 
   # GET /users/1
   # GET /users/1.json
-  def show
-    @user = User.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.erb
-      format.json { render json: @user }
-    end
-  end
+#   def show
+#     @user = User.find(params[:id])
+# 
+#     respond_to do |format|
+#       format.html # show.html.erb
+#       format.json { render json: @user }
+#     end
+#   end
 
   # GET /users/new
   # GET /users/new.json
@@ -44,7 +44,7 @@ class UsersController < ApplicationController
 
     respond_to do |format|
       if @user.save
-        format.html { redirect_to @user, notice: 'User was successfully created.' }
+        format.html { redirect_to users_path, notice: 'User was successfully created.' }
         format.json { render json: @user, status: :created, location: @user }
       else
         format.html { render action: "new" }
@@ -71,13 +71,13 @@ class UsersController < ApplicationController
 
   # DELETE /users/1
   # DELETE /users/1.json
-  def destroy
-    @user = User.find(params[:id])
-    @user.destroy
-
-    respond_to do |format|
-      format.html { redirect_to users_url }
-      format.json { head :no_content }
-    end
-  end
+#   def destroy
+#     @user = User.find(params[:id])
+#     @user.destroy
+# 
+#     respond_to do |format|
+#       format.html { redirect_to users_url }
+#       format.json { head :no_content }
+#     end
+#   end
 end

app/mailers/user_mailer.rb

@@ -8,7 +8,7 @@ class UserMailer < ActionMailer::Base
   #
   def reset_password_email(user)
     @user = user
-    @url = "http://localhost:3000/password_resets/#{user.reset_password_token}/edit"
+    @url = edit_password_reset_url(user.reset_password_token)
     mail(:to => user.email, :subject => "Your password has been reset")
   end
 end

app/models/user.rb

@@ -4,6 +4,7 @@ class User
   key :email, String
   key :crypted_password, String
   key :salt, String
+  timestamps!
   
   authenticates_with_sorcery!
 #   attr_accessible :email, :password, :password_confirmation

app/views/layouts/application.html.haml

@@ -8,6 +8,12 @@
 
   
   %body
+    - if notice
+      %p#notice= notice
+
+    - if alert
+      %p#alert= alert
+    
     = link_to(image_tag("TAL_logo_blue-h100.png", :size => "275x100", :alt => "Talk About Local logo"), :root, :class => "logo")
     
     #userbar
@@ -16,9 +22,8 @@
         = current_user.email
         = link_to "Log out", logout_path
       - else
-        = link_to "Log in", login_path
-    
-    %p#notice= notice
+        -#
+          = link_to "Log in", login_path
     
     = yield  
 

app/views/password_resets/new.html.haml

@@ -0,0 +1,11 @@
+%h1 Reset your password
+
+%p Type your email address here and we'll send you a link to a page where you can choose a new password.
+
+= form_tag password_resets_path, :method => :post do
+  .field
+    = label_tag :email
+    %br
+    = text_field_tag :email
+    = submit_tag "Reset my password"
+    

app/views/sessions/new.html.haml

@@ -18,6 +18,4 @@
   .actions
     = submit_tag "Log in"
     
-%h1 Forgotten your password?
-
-= render "forgot_password_form"
+= link_to "Forgotten your password?", new_password_reset_path

app/views/user_mailer/reset_password_email.text.haml

@@ -1,4 +1,5 @@
 Hello,
+
 = @user.email
 
 You have requested to reset your password.

app/views/users/_form.html.haml

@@ -8,12 +8,15 @@
 
   .field
     = f.label :email
+    %br
     = f.text_field :email
   .field
     = f.label :password
+    %br
     = f.password_field :password
   .field
     = f.label :password_confirmation
+    %br
     = f.password_field :password_confirmation
   .actions
     = f.submit 'Save'

app/views/users/index.html.haml

@@ -1,23 +1,15 @@
-%h1 Listing users
+%h1 Users
+
+= link_to 'New User', new_user_path, :class => 'button'
 
 %table
   %tr
     %th Email
-    %th Crypted password
-    %th Salt
-    %th
-    %th
-    %th
+    %th Joined
 
   - @users.each do |user|
     %tr
-      %td= user.email
-      %td= user.crypted_password
-      %td= user.salt
-      %td= link_to 'Show', user
-      %td= link_to 'Edit', edit_user_path(user)
-      %td= link_to 'Destroy', user, :confirm => 'Are you sure?', :method => :delete
-
-%br
-
-= link_to 'New User', new_user_path
+      %td= link_to user.email, "mailto:#{user.email}"
+      %td
+        = time_ago_in_words(user.created_at)
+        ago

config/application.rb

@@ -15,8 +15,11 @@ if defined?(Bundler)
   # Bundler.require(:default, :assets, Rails.env)
 end
 
+
 module Apollo
   class Application < Rails::Application
+    config.action_mailer.default_url_options = { :host => ENV['APOLLO_HOSTNAME'] }
+    
     # Settings in config/environments/* take precedence over those specified here.
     # Application configuration should go into files in config/initializers
     # -- all .rb files in that directory are automatically loaded.

config/initializers/sorcery.rb

@@ -303,7 +303,7 @@ Rails.application.config.sorcery.configure do |config|
     # hammering protection, how long to wait before allowing another email to be sent.
     # Default: `5 * 60`
     #
-    # user.reset_password_time_between_emails =
+    user.reset_password_time_between_emails = 1 * 60
 
 
     # -- brute_force_protection --