set up password recovery

2e645090 · John Doe · b777997f · 2e645090 · 2e645090 · 2e645090
Commit 2e645090 authored Feb 09, 2017 by John Doe
Showing with 23 additions and 9 deletions
app/controllers/application_controller.rb
app/views/devise/mailer/reset_password_instructions.html.erb
config/environments/development.rb
config/initializers/devise.rb
config/initializers/devise_token_auth.rb
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -2,6 +2,11 @@

 # application controller
 class ApplicationController < ActionController::API
+  before_action :configure_permitted_parameters, if: :devise_controller?
  include DeviseTokenAuth::Concerns::SetUserByToken

+  def configure_permitted_parameters
+    devise_parameter_sanitizer.permit(:account_update,
+      keys: [:first_name, :last_name, :email])
+  end
 end
--- a/app/views/devise/mailer/reset_password_instructions.html.erb
+++ b/app/views/devise/mailer/reset_password_instructions.html.erb
-<p><%= t(:hello).capitalize %> <%= @resource.email %>!</p>
+<p>Hello <%= @resource.first_name %>!</p>

-<p><%= t '.request_reset_link_msg' %></p>
+Someone has requested a link to change your password.
+You can do this through the link below.

-<p><%= link_to t('.password_change_link'), edit_password_url(@resource, reset_password_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url'].to_s).html_safe %></p>

-<p><%= t '.ignore_mail_msg' %></p>
-<p><%= t '.no_changes_msg' %></p>
\ No newline at end of file
+<p><%= link_to t('.password_change_link'), edit_password_url(@resource, reset_password_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url'].to_s).html_safe %></p>
+<p>
+If you didn't request this, please ignore this email.
+</p>
+<p>
+Your password won't change until you access the link above and create a new one.
+</p>
+<p>
+  ~wattsworth robot
+</p>
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -32,7 +32,7 @@ Rails.application.configure do
  # Don't care if the mailer can't send.
  config.action_mailer.raise_delivery_errors = false
  config.action_mailer.perform_caching = false
-  config.action_mailer.default_url_options = { :host => 'wattsworth.dev' }
+  config.action_mailer.default_url_options = { :host => 'localhost:3000' }
  config.action_mailer.delivery_method = :smtp
  config.action_mailer.smtp_settings =
    { :address => "localhost", :port => 1025 }

--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
 Devise.setup do |config|
  # The e-mail address that mail will appear to be sent from
  # If absent, mail is sent from "please-change-me-at-config-initializers-devise@example.com"
-  config.mailer_sender = "support@myapp.com"
+  config.mailer_sender = "support@wattsworth.net"

  # If using rails-api, you may want to tell devise to not use ActionDispatch::Flash
  # middleware b/c rails-api does not include it.

--- a/config/initializers/devise_token_auth.rb
+++ b/config/initializers/devise_token_auth.rb
@@ -3,7 +3,9 @@ DeviseTokenAuth.setup do |config|
  # client is responsible for keeping track of the changing tokens. Change
  # this to false to prevent the Authorization header from changing after
  # each request.
-  # config.change_headers_on_each_request = true
+  config.change_headers_on_each_request = false
+
+  config.default_password_reset_url = "http://localhost:4200/session/reset_password"

  # By default, users will need to re-authenticate after 2 weeks. This setting
  # determines how long tokens will remain valid after they are issued.