Commit 5b40780290e7d7c9e129e58c4f3f435073598ae6
1 parent
81a9e81f
Exists in
master
and in
4 other branches
Password expire: implement password resource inside profile. add before_fiter check
Showing
4 changed files
with
66 additions
and
0 deletions
Show diff stats
app/controllers/application_controller.rb
| 1 | 1 | class ApplicationController < ActionController::Base |
| 2 | 2 | before_filter :authenticate_user! |
| 3 | 3 | before_filter :reject_blocked! |
| 4 | + before_filter :check_password_expiration! | |
| 4 | 5 | before_filter :set_current_user_for_thread |
| 5 | 6 | before_filter :add_abilities |
| 6 | 7 | before_filter :dev_tools if Rails.env == 'development' |
| ... | ... | @@ -156,4 +157,10 @@ class ApplicationController < ActionController::Base |
| 156 | 157 | gon.gravatar_url = request.ssl? || Gitlab.config.gitlab.https ? Gitlab.config.gravatar.ssl_url : Gitlab.config.gravatar.plain_url |
| 157 | 158 | gon.relative_url_root = Gitlab.config.gitlab.relative_url_root |
| 158 | 159 | end |
| 160 | + | |
| 161 | + def check_password_expiration | |
| 162 | + if current_user.password_expires_at < Time.now | |
| 163 | + redirect_to new_profile_password_path and return | |
| 164 | + end | |
| 165 | + end | |
| 159 | 166 | end | ... | ... |
| ... | ... | @@ -0,0 +1,35 @@ |
| 1 | +class PasswordsController < ApplicationController | |
| 2 | + layout 'navless' | |
| 3 | + | |
| 4 | + before_filter :set_user | |
| 5 | + before_filter :set_title | |
| 6 | + | |
| 7 | + def new | |
| 8 | + end | |
| 9 | + | |
| 10 | + def create | |
| 11 | + new_password = params[:user][:password] | |
| 12 | + new_password_confirmation = params[:user][:password_confirmation] | |
| 13 | + | |
| 14 | + result = @user.update_attributes( | |
| 15 | + password: new_password, | |
| 16 | + password_confirmation: new_password_confirmation | |
| 17 | + ) | |
| 18 | + | |
| 19 | + if result | |
| 20 | + redirect_to root_path(notice: 'Password successfully changed') | |
| 21 | + else | |
| 22 | + render :new | |
| 23 | + end | |
| 24 | + end | |
| 25 | + | |
| 26 | + private | |
| 27 | + | |
| 28 | + def set_user | |
| 29 | + @user = current_user | |
| 30 | + end | |
| 31 | + | |
| 32 | + def set_title | |
| 33 | + @title = "New password" | |
| 34 | + end | |
| 35 | +end | ... | ... |
| ... | ... | @@ -0,0 +1,23 @@ |
| 1 | +%h3.page_title Setup your new password | |
| 2 | + | |
| 3 | +%br | |
| 4 | + | |
| 5 | += form_for @user, url: profile_password_path, method: :put do |f| | |
| 6 | + .padded | |
| 7 | + %p.slead After successful password update you will be redirected to dashboard | |
| 8 | + -if @user.errors.any? | |
| 9 | + .alert.alert-error | |
| 10 | + %ul | |
| 11 | + - @user.errors.full_messages.each do |msg| | |
| 12 | + %li= msg | |
| 13 | + | |
| 14 | + .clearfix | |
| 15 | + = f.label :password | |
| 16 | + .input= f.password_field :password, required: true | |
| 17 | + .clearfix | |
| 18 | + = f.label :password_confirmation | |
| 19 | + .input | |
| 20 | + = f.password_field :password_confirmation, required: true | |
| 21 | + .clearfix | |
| 22 | + .input | |
| 23 | + = f.submit 'Save password', class: "btn btn-save" | ... | ... |