First half of a password reset function

2006-11-17 13:31:15 +00:00 · 2006-11-17 13:31:15 +00:00 · f864203056
commit f864203056
parent e62fe92282
10 changed files with 60 additions and 24 deletions
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@ -1,11 +1,12 @@
 class UserController < ApplicationController
+  layout 'site'
  
  def save
    @user = User.new(params[:user])
    @user.set_defaults

    if @user.save
-      flash[:notice] = 'Users was successfully created.'
+      flash[:notice] = 'User was successfully created. Check your email for a confirmation note, and you\'ll be mapping in no time :-)'
      Notifier::deliver_signup_confirm(@user)
      redirect_to :action => 'login'
    else
@ -13,8 +14,21 @@ class UserController < ApplicationController
    end
  end

+  def lost_password
+    if params['user']['email']
+      user = User.find_by_email(params['user']['email'])
+      if user
+        user.token = User.make_token
+        user.save
+        Notifier::deliver_lost_password(user)
+        flash[:notice] = "Sorry you lost it :-( but an email is on it's way so you can reset it soon."
+      else
+        flash[:notice] = "Couldn't find that email address, sorry."
+      end
+    end
+  end
+
  def new
-    render :layout => 'site'
  end

  def login
@ -29,10 +43,10 @@ class UserController < ApplicationController
        session[:token] = u.token
        redirect_to :controller => 'site', :action => 'index'
        return
+      else
+        flash[:notice] = "Couldn't log in with those details"
      end
    end
-
-    render :layout => 'site'
  end

  def logout
@ -53,7 +67,7 @@ class UserController < ApplicationController
    if @user && @user.active == 0
      @user.active = true
      @user.save
-      flash[:notice] = 'Confirmed your account'
+      flash[:notice] = 'Confirmed your account, thanks for signing up!'

      #FIXME: login the person magically

--- a/app/models/notifier.rb
+++ b/app/models/notifier.rb
@ -1,12 +1,17 @@
 class Notifier < ActionMailer::Base

  def signup_confirm( user )
-    # Email header info MUST be added here
    @recipients = user.email
    @from = 'abuse@openstreetmap.org'
    @subject = '[OpenStreetMap] Confirm your email address'
-
    @body['url'] = 'http://www.openstreetmap.org/user/confirm?confirm_string=' + user.token
  end

+  def lost_password( user )
+    @recipients = user.email
+    @from = 'abuse@openstreetmap.org'
+    @subject = '[OpenStreetMap] Passwors reset request'
+    @body['url'] = "http://www.openstreetmap.org/user/reset_password?email=#{user.email}&token=#{user.token}"
+  end
+
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -32,11 +32,11 @@ class User < ActiveRecord::Base
    find_first([ "token = ? ", token])
  end 
  
-  def self.make_token
+  def self.make_token(length=30)
    chars = 'abcdefghijklmnopqrtuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
    confirmstring = ''

-    30.times do
+    length.times do
      confirmstring += chars[(rand * chars.length).to_i].chr
    end

--- a/app/views/layouts/site.rhtml
+++ b/app/views/layouts/site.rhtml
@ -21,11 +21,11 @@

  <span id="greeting">
    <% if @user %>
-      Welcome, <%= @user.email %> |
-      <%= link_to 'Logout', {:controller => 'user', :action => 'logout'}, {:id => 'loginanchor'}%>
+      Welcome, <%= @user.display_name %> |
+      <%= link_to 'logout', {:controller => 'user', :action => 'logout'}, {:id => 'loginanchor'}%>
    <% else %>
-      <%= link_to 'Login', {:controller => 'user', :action => 'login'}, {:id => 'loginanchor'}%> |
-      <%= link_to 'Sign up', {:controller => 'user', :action => 'new'}, {:id => 'registeranchor'} %>
+      <%= link_to 'log in', {:controller => 'user', :action => 'login'}, {:id => 'loginanchor'}%> |
+      <%= link_to 'sign up', {:controller => 'user', :action => 'new'}, {:id => 'registeranchor'} %>
    <% end %>
  </span>
  
--- a/app/views/notifier/lost_password.rhtml
+++ b/app/views/notifier/lost_password.rhtml
@ -0,0 +1,8 @@
+Hi,
+
+Someone (possibly you) has asked for the password to be reset on this
+email addresses openstreetmap.org account.
+
+If this is you, please click the link below to reset your password.
+
+<%= @url %>
--- a/app/views/user/login.rhtml
+++ b/app/views/user/login.rhtml
@ -3,11 +3,11 @@ Please login or <%= link_to 'create an account', :controller => 'user', :action

 <%= start_form_tag :action => 'login' %>
 <table>
-  <tr><td>Login name</td><td><%= text_field('user', 'email',{:size => 50, :maxlength => 255}) %></td></tr>
+  <tr><td>email address:</td><td><%= text_field('user', 'email',{:size => 50, :maxlength => 255}) %></td></tr>
  <tr><td>password:</td><td><%= password_field('user', 'password',{:size => 50, :maxlength => 255}) %></td></tr>
 </table>

 <br>
 <input type="submit" value="Login">

-<%= end_form_tag %> (<%= link_to 'Forgotten your password?', :controller => 'user', :action => 'lost_password' %>)
+<%= end_form_tag %> (<%= link_to 'Lost your password?', :controller => 'user', :action => 'lost_password' %>)
--- a/app/views/user/lost_password.rhtml
+++ b/app/views/user/lost_password.rhtml
@ -0,0 +1,8 @@
+<h1>Forgotten Password?</h1><br>
+
+<%= start_form_tag :action => 'lost_password' %>
+<table>
+  <tr><td>email address:</td><td><%= text_field('user', 'email', {:size => 50, :maxlength => 255} ) %></td></tr>
+</table>
+<br>
+<input type="submit" value="Send me a new password">
--- a/app/views/user/new.rhtml
+++ b/app/views/user/new.rhtml
@ -1,14 +1,14 @@
 <h1>Create a user account</h1><br>
 Fill in the form and we'll send you a quick email to activate your account.<br><br>

-By creating an account, you agree that all work uploaded to openstreetmap.org and all data created by use of any tools on openstreetmap.org is to be licensed under <a href="http://creativecommons.org/licenses/by-sa/2.0/">this</a> Creative Commons license.<br><br>
+By creating an account, you agree that all work uploaded to openstreetmap.org and all data created by use of any tools which connect to openstreetmap.org is to be licensed under this <a href="http://creativecommons.org/licenses/by-sa/2.0/">this Creative Commons license (by-sa)</a>.<br><br>

 <%= error_messages_for 'user' %>

 <%= start_form_tag :action => 'save' %>
 <table>
-  <tr><td>email address:</td><td><%= text_field('user', 'email',{:size => 50, :maxlength => 255}) %></td></tr>
-  <tr><td>Login name</td><td><%= text_field('user', 'display_name',{:size => 50, :maxlength => 255}) %></td></tr>
+  <tr><td>email:</td><td><%= text_field('user', 'email',{:size => 50, :maxlength => 255}) %></td></tr>
+  <tr><td>login name</td><td><%= text_field('user', 'display_name',{:size => 50, :maxlength => 255}) %></td></tr>
  <tr><td>password:</td><td><%= password_field('user', 'pass_crypt',{:size => 50, :maxlength => 255}) %></td></tr>
  <tr><td>retype password:</td><td><%= password_field('user', 'pass_crypt_confirmation',{:size => 50, :maxlength => 255}) %></td></tr>
 </table>
--- a/config/routes.rb
+++ b/config/routes.rb
@ -20,6 +20,7 @@ ActionController::Routing::Routes.draw do |map|
  map.connect '/login.html', :controller => 'user', :action => 'login'
  map.connect '/logout.html', :controller => 'user', :action => 'logout'
  map.connect '/create-account.html', :controller => 'user', :action => 'new'
+  map.connect '/forgot-password.html', :controller => 'user', :action => 'lost_password'

  map.connect ':controller/:action/:id'
 end
--- a/public/stylesheets/site.css
+++ b/public/stylesheets/site.css
@ -1,4 +1,3 @@
-
 a {
  color: #0000ff;
  text-decoration: none;
@ -373,10 +372,8 @@ hides rule from IE5-Mac \*/

 #notice {
  width: 400px;
-  border: 2px solid green;
+  border: 1px solid black;
  padding: 7px;
-  padding-bottom: 12px;
-  margin-bottom: 20px;
  background-color: #f0f0f0;
 }

@ -410,3 +407,6 @@ hides rule from IE5-Mac \*/
  list-style: square;
 }

+input {
+ border: 1px solid black;
+}