Commit f440ae44
Changed files (3)
app
controllers
config
spec
controllers
app/controllers/passwords_controller.rb
@@ -12,4 +12,12 @@ class PasswordsController < ApplicationController
@user = User.find_by(reset_password_token: params[:id])
redirect_to root_path if @user.nil?
end
+
+ def update
+ user = User.find_by(reset_password_token: params[:id])
+ redirect_to root_path and return if user.nil?
+
+ user.change_password(params[:user][:password])
+ redirect_to new_session_path
+ end
end
config/routes.rb
@@ -52,7 +52,7 @@ Cake::Application.routes.draw do
# /users
#devise_for :users, :controllers => {:registrations => 'registrations'}, :path => '', :path_names => { :sign_in => "signin", :sign_out => "signout", :sign_up => "register" }
- resources :passwords, only: [:new, :create, :edit]
+ resources :passwords, only: [:new, :create, :edit, :update]
resource :registration, only: [:create]
# sitemap
spec/controllers/passwords_controller_spec.rb
@@ -38,4 +38,25 @@ describe PasswordsController do
expect(response).to redirect_to(root_path)
end
end
+
+ describe "#update" do
+ let(:user) { double(change_password: true) }
+ let(:reset_token) { SecureRandom.hex(32) }
+ let(:password) { SecureRandom.hex(8) }
+
+ it "changes the users password" do
+ allow(User).to receive(:find_by).with(reset_password_token: reset_token).and_return(user)
+
+ patch :update, id: reset_token, user: { password: password }
+ expect(user).to have_received(:change_password).with(password)
+ expect(response).to redirect_to(new_session_path)
+ end
+
+ it "redirects to the home page if the reset token is not known" do
+ allow(User).to receive(:find_by).with(reset_password_token: reset_token).and_return(nil)
+
+ patch :update, id: reset_token, user: { password: password }
+ expect(response).to redirect_to(root_path)
+ end
+ end
end