Commit 3995f991

mo khan <mo@mokhan.ca>
2014-09-18 16:56:43
implement password reset.
master
1 parent 49a00c8
Changed files (5)
app
controllers
passwords_controller.rb
mailers
password_reset_mailer.rb
models
password_reset.rb
spec
controllers
passwords_controller_spec.rb
models
password_reset_spec.rb
app/controllers/passwords_controller.rb
@@ -14,10 +14,7 @@ class PasswordsController < ApplicationController
   end
 
   def update
-    user = User.find_by(reset_password_token: params[:id])
-    redirect_to root_path and return if user.nil?
-
-    user.change_password(params[:user][:password])
+    PasswordReset.reset(params[:id], params[:user][:password])
     redirect_to new_session_path
   end
 end
app/mailers/password_reset_mailer.rb
@@ -0,0 +1,4 @@
+class PasswordResetMailer
+  def send_password_reset_instructions_to(user)
+  end
+end
app/models/password_reset.rb
@@ -1,4 +1,11 @@
 class PasswordReset
   def self.send_reset_instructions_to(email)
+    user = User.find_by(email: email)
+    return if user.nil?
+    user.update(reset_password_token: SecureRandom.hex(32), reset_password_sent_at: DateTime.now)
+    PasswordResetMailer.delay.send_password_reset_instructions_to(user)
+  end
+  
+  def self.reset(reset_token, new_password)
   end
 end
spec/controllers/passwords_controller_spec.rb
@@ -44,19 +44,12 @@ describe PasswordsController do
     let(:reset_token) { SecureRandom.hex(32) }
     let(:password) { SecureRandom.hex(8) }
 
-    it "changes the users password" do
-      allow(User).to receive(:find_by).with(reset_password_token: reset_token).and_return(user)
+    it "resets the users password" do
+      allow(PasswordReset).to receive(:reset).with(reset_token, password)
 
       patch :update, id: reset_token, user: { password: password }
-      expect(user).to have_received(:change_password).with(password)
+      expect(PasswordReset).to have_received(:reset).with(reset_token, password)
       expect(response).to redirect_to(new_session_path)
     end
-
-    it "redirects to the home page if the reset token is not known" do
-      allow(User).to receive(:find_by).with(reset_password_token: reset_token).and_return(nil)
-
-      patch :update, id: reset_token, user: { password: password }
-      expect(response).to redirect_to(root_path)
-    end
   end
 end
spec/models/password_reset_spec.rb
@@ -0,0 +1,39 @@
+require "rails_helper"
+
+describe PasswordReset do
+  describe ".send_reset_instructions_to" do
+    let(:user) { create(:user, reset_password_token: nil, reset_password_sent_at: nil) }
+    let(:mailer) { double(send_password_reset_instructions_to: true) }
+
+    before :each do
+      allow(PasswordResetMailer).to receive(:delay).and_return(mailer)
+    end
+
+    it "creates a new reset token for the user" do
+      PasswordReset.send_reset_instructions_to(user.email)
+      user.reload
+      expect(user.reset_password_token).to_not be_nil
+      expect(user.reset_password_sent_at).to_not be_nil
+    end
+
+    it "sends an email to the user" do
+      PasswordReset.send_reset_instructions_to(user.email)
+      expect(mailer).to have_received(:send_password_reset_instructions_to).with(user)
+    end
+
+    it "does nothing if the email is not known" do
+      PasswordReset.send_reset_instructions_to(Faker::Internet.email)
+      expect(mailer).to_not have_received(:send_password_reset_instructions_to)
+    end
+  end
+
+  describe ".reset" do
+    it "changes the users password" do
+      
+    end
+
+    it "deletes the reset token" do
+      
+    end
+  end
+end