Password expire: implement password resource inside profile. add before_fiter check

5b407802 · Dmitriy Zaporozhets · 81a9e81f · 5b407802 · 5b407802 · 5b407802
Commit 5b407802 authored Jun 13, 2013 by Dmitriy Zaporozhets
4 changed files
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
 class ApplicationController < ActionController::Base
  before_filter :authenticate_user!
  before_filter :reject_blocked!
+  before_filter :check_password_expiration!
  before_filter :set_current_user_for_thread
  before_filter :add_abilities
  before_filter :dev_tools if Rails.env == 'development'
@@ -156,4 +157,10 @@ class ApplicationController < ActionController::Base
    gon.gravatar_url = request.ssl? || Gitlab.config.gitlab.https ? Gitlab.config.gravatar.ssl_url : Gitlab.config.gravatar.plain_url
    gon.relative_url_root = Gitlab.config.gitlab.relative_url_root
  end
+
+  def check_password_expiration
+    if current_user.password_expires_at < Time.now
+      redirect_to new_profile_password_path and return
+    end
+  end
 end
--- a/app/controllers/passwords_controller.rb
+++ b/app/controllers/passwords_controller.rb
+class PasswordsController < ApplicationController
+  layout 'navless'
+
+  before_filter :set_user
+  before_filter :set_title
+
+  def new
+  end
+
+  def create
+    new_password = params[:user][:password]
+    new_password_confirmation = params[:user][:password_confirmation]
+
+    result = @user.update_attributes(
+      password: new_password,
+      password_confirmation: new_password_confirmation
+    )
+
+    if result
+      redirect_to root_path(notice: 'Password successfully changed')
+    else
+      render :new
+    end
+  end
+
+  private
+
+  def set_user
+    @user = current_user
+  end
+
+  def set_title
+    @title = "New password"
+  end
+end
--- a/app/views/passwords/new.html.haml
+++ b/app/views/passwords/new.html.haml
+%h3.page_title Setup your new password
+
+%br
+
+= form_for @user, url: profile_password_path, method: :put do |f|
+  .padded
+    %p.slead After successful password update you will be redirected to dashboard
+    -if @user.errors.any?
+      .alert.alert-error
+        %ul
+          - @user.errors.full_messages.each do |msg|
+            %li= msg
+
+    .clearfix
+      = f.label :password
+      .input= f.password_field :password, required: true
+    .clearfix
+      = f.label :password_confirmation
+      .input
+        = f.password_field :password_confirmation, required: true
+    .clearfix
+      .input
+        = f.submit 'Save password', class: "btn btn-save"
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -123,6 +123,7 @@ Gitlab::Application.routes.draw do
    end

    resource :notifications
+    resource :password
  end

  resources :keys