From 9643de5d56a6ee33861dd0a5f6834c1272144f3a Mon Sep 17 00:00:00 2001
From: saurabhbhatia <saurabh.a.bhatia@gmail.com>
Date: Thu, 2 Jan 2014 17:53:05 +0800
Subject: [PATCH] Fixed Forgot password

---
 Gemfile                                     |  2 +-
 app/controllers/confirmations_controller.rb | 18 +++++-----
 app/controllers/passwords_controller.rb     | 20 +++++------
 app/models/user/user.rb                     | 28 +++++++++++++--
 app/views/devise/passwords/edit.html.erb    | 39 +++++++++++++++------
 app/views/devise/passwords/new.html.erb     | 25 +++++--------
 config/initializers/devise.rb               |  9 ++++-
 config/locales/en.yml                       |  2 +-
 config/routes.rb                            |  4 +--
 9 files changed, 92 insertions(+), 55 deletions(-)

diff --git a/Gemfile b/Gemfile
index 837d197f..730cea7f 100644
--- a/Gemfile
+++ b/Gemfile
@@ -8,7 +8,7 @@ gem 'bson_ext'
 gem 'carrierwave'
 gem 'carrierwave-mongoid', :require => 'carrierwave/mongoid'
 gem "net-ldap", "~> 0.3.1"
-gem 'devise', '1.5.3'
+gem 'devise', '2.0'
 gem 'exception_notification' # Send error trace
 gem 'execjs'
 gem 'jquery-rails', '3.0.4'
diff --git a/app/controllers/confirmations_controller.rb b/app/controllers/confirmations_controller.rb
index c601a3e0..44c11304 100644
--- a/app/controllers/confirmations_controller.rb
+++ b/app/controllers/confirmations_controller.rb
@@ -1,21 +1,21 @@
 class ConfirmationsController < Devise::ConfirmationsController
 layout "devise"
 
-def show
-    self.resource = resource_class.confirm_by_token(params[:confirmation_token])
+ def show
+   self.resource = resource_class.confirm_by_token(params[:confirmation_token])
 
    if resource.errors.empty?
     set_flash_message(:notice, :confirmed) if is_navigational_format?
     respond_with_navigational(resource){ redirect_to after_confirmation_path_for(resource_name, resource) }
-  else
-    respond_with_navigational(resource.errors, :status => :unprocessable_entity){ render_with_scope :new }
-  end
-end
+   else
+    respond_with_navigational(resource.errors, :status => :unprocessable_entity){ render :new }
+   end
+ end
 
 protected
 
-def after_confirmation_path_for(resource_name, resource)
-    basic_infos_path(:user_id =>resource.id.to_s)
-end
+ def after_confirmation_path_for(resource_name, resource)
+  basic_infos_path(:user_id =>resource.id.to_s)
+ end
 
 end
\ No newline at end of file
diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb
index e17aa891..cf0c3703 100644
--- a/app/controllers/passwords_controller.rb
+++ b/app/controllers/passwords_controller.rb
@@ -1,21 +1,18 @@
 class PasswordsController < Devise::PasswordsController
   prepend_before_filter :require_no_authentication
-  include Devise::Controllers::InternalHelpers
 
   # GET /resource/password/new
   def new
     build_resource({})
-    render_with_scope :new
   end
-
-  # POST /resource/password
+# POST /resource/password
   def create
     self.resource = resource_class.send_reset_password_instructions(params[resource_name])
 
     if successfully_sent?(resource)
-      respond_with({}, :location => after_sending_reset_password_instructions_path_for(resource_name))
+      respond_with({}, :location => root_path)
     else
-      respond_with_navigational(resource){ render_with_scope :new }
+      respond_with(resource)
     end
   end
 
@@ -23,7 +20,6 @@ class PasswordsController < Devise::PasswordsController
   def edit
     self.resource = resource_class.new
     resource.reset_password_token = params[:reset_password_token]
-    render_with_scope :edit
   end
 
   # PUT /resource/password
@@ -36,15 +32,15 @@ class PasswordsController < Devise::PasswordsController
       sign_in(resource_name, resource)
       respond_with resource, :location => after_sign_in_path_for(resource)
     else
-      respond_with_navigational(resource){ render_with_scope :edit }
+      respond_with resource
     end
   end
 
-  protected
+  # protected
 
     # The path used after sending reset password instructions
-    def after_sending_reset_password_instructions_path_for(resource_name)
-      new_session_path(resource_name)
-    end
+    # def after_sending_reset_password_instructions_path_for(resource_name)
+    #   new_session_path(resource_name)
+    # end
 
 end
\ No newline at end of file
diff --git a/app/models/user/user.rb b/app/models/user/user.rb
index 814d2d3f..7a417ba6 100644
--- a/app/models/user/user.rb
+++ b/app/models/user/user.rb
@@ -8,7 +8,31 @@ class User
   devise :database_authenticatable, :recoverable, :rememberable, :trackable, :registerable, :validatable, :confirmable #, :timeoutable
   
   mount_uploader :avatar, AvatarUploader
-  
+  #Devise Fields
+  ## Database authenticatable
+  field :email,              :type => String, :null => false
+  field :encrypted_password, :type => String, :null => false
+
+  ## Recoverable
+  field :reset_password_token,   :type => String
+  field :reset_password_sent_at, :type => Time
+
+  ## Rememberable
+  field :remember_created_at, :type => Time
+
+  ## Trackable
+  field :sign_in_count,      :type => Integer
+  field :current_sign_in_at, :type => Time
+  field :last_sign_in_at,    :type => Time
+  field :current_sign_in_ip, :type => String
+  field :last_sign_in_ip,    :type => String
+
+  ## Confirmable
+  field :confirmation_token,   :type => String
+  field :confirmed_at,         :type => Time
+  field :confirmation_sent_at, :type => Time
+
+  #Extra Fields  
   field :admin, :type => Boolean, :default => false
   field :active_role
   field :user_id
@@ -22,7 +46,7 @@ class User
   field :cache_dept,type: Hash
   field :status_record,type: Hash
   field :approved, type: Boolean, :default => false
-  field :reset_password_sent_at, :type => Time 
+  # field :reset_password_sent_at, :type => Time 
 
   has_and_belongs_to_many :approving_apps, class_name: 'AuthApproval', inverse_of: 'authorized_users'
   has_and_belongs_to_many :managing_apps, class_name: 'AuthManager', inverse_of: 'authorized_users'
diff --git a/app/views/devise/passwords/edit.html.erb b/app/views/devise/passwords/edit.html.erb
index e75c9371..4348da6d 100644
--- a/app/views/devise/passwords/edit.html.erb
+++ b/app/views/devise/passwords/edit.html.erb
@@ -1,16 +1,33 @@
-<h2>Change your password</h2>
+<section id="main-wrap">
+      <div class="sign-in have-other-sign-in">  
 
-<%= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f| %>
-  <%= devise_error_messages! %>
-  <%= f.hidden_field :reset_password_token %>
+ 	   <div class="form">
+          <h3 class="login-logo">Change your password</h3>
+          <div>
+            <input name="utf8" type="hidden" value="" />
+            <input name="authenticity_token" type="hidden" value="" />
+          </div>
 
-  <div><%= f.label :password, "New password" %><br />
-  <%= f.password_field :password %></div>
+		<div class="form-block">
+         <div class="form-list clearfix">
+		  <%= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put, :class => 'user_new form-horizontal content' }) do |f| %>
+  		    <%= devise_error_messages! %>
 
-  <div><%= f.label :password_confirmation, "Confirm new password" %><br />
-  <%= f.password_field :password_confirmation %></div>
+  		    <%= f.hidden_field :reset_password_token %>
 
-  <div><%= f.submit "Change my password" %></div>
-<% end %>
+  		    <div><%= f.label :password, "New password" %><br />
+  		    <%= f.password_field :password %></div>
 
-<%= render :partial => "devise/shared/links" %>
\ No newline at end of file
+  		    <div><%= f.label :password_confirmation, "Confirm new password" %><br />
+  		    <%= f.password_field :password_confirmation %></div>
+  		    <p></p>
+
+  		    <div><%= f.submit "Change my password", :class => 'btn btn-primary' %></div>
+  		   </div>
+          </div>
+	     <% end %>
+
+		<%= render :partial => "devise/shared/links" %>
+        </div>
+      </div>
+    </section>
\ No newline at end of file
diff --git a/app/views/devise/passwords/new.html.erb b/app/views/devise/passwords/new.html.erb
index 2785f9b3..7a884f28 100644
--- a/app/views/devise/passwords/new.html.erb
+++ b/app/views/devise/passwords/new.html.erb
@@ -1,35 +1,28 @@
 <section id="main-wrap">
-      <div class="sign-in have-other-sign-in">
-<!--         <p class="alert alert-error in fade">You need to sign in.</p>
- -->    
+      <div class="sign-in have-other-sign-in">  
 
- 		<div class="form">
+ 	    	<div class="form">
           <h3 class="login-logo">Reset Your Password</h3>
           <div>
             <input name="utf8" type="hidden" value="" />
             <input name="authenticity_token" type="hidden" value="" />
           </div>
-<!--           <div class="other-sign-in">
-            <a class="btn btn-primary" type="submit">Other Sign In</a>
-            <p>or</p>
-          </div> -->
+
           <div class="form-block">
             <div class="form-list clearfix">
-              <form class="content" accept-charset="UTF-8" action="/users/sign_in" method="post">
-              <%= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :post, :class => 'user_new form-horizontal' }) do |f| %>
-				<%= devise_error_messages! %>
+              <%= form_for(:user, :url => user_password_path, :html => { :method => :post, :class => 'user_new form-horizontal content' }) do |f| %>
+			         	<%= devise_error_messages! %>
 
                 <div class="control-group clear">
                   <label for="user_email">
                     <i class="icons-mail "></i>
                   </label>
-                 	<%= f.text_field :email, :placeholder => t(:email), :id=>"user_email" %>
+                  <%= f.email_field :email, :placeholder => t(:email), :id=>"user_email" %>
                 </div>
-				<%= content_tag :button, "Reset Password", :type => :submit, :class => 'btn btn-primary' %>
-              </form>
+				        <%= content_tag :button, "Reset Password", :type => :submit, :class => 'btn btn-primary' %>
             </div>
-          </div>
-        <% end %>
+           </div>
+          <% end %>
 
         </div>
       </div>
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 162f0ea3..cfc7857e 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -22,7 +22,7 @@ Devise.setup do |config|
   # session. If you need permissions, you should implement that in a before filter.
   # config.authentication_keys = [ :email ]
   config.authentication_keys = [ :user_id ]
-  
+  config.reset_password_keys = [ :email ]
 
   # Tell if authentication through request.params is enabled. True by default.
   # config.params_authenticatable = true
@@ -82,6 +82,13 @@ Devise.setup do |config|
   # config.timeout_in = 10.minutes
   config.timeout_in = 5.days
 
+  config.apply_schema = false
+
+  config.use_salt_as_remember_token = true
+  
+  config.reset_password_within = 6.hours
+
+
   # ==> Configuration for :lockable
   # Defines which strategy will be used to lock an account.
   # :failed_attempts = Locks an account after a number of failed attempts to sign in.
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 885c11a5..044991f7 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -426,7 +426,7 @@ en:
     index: Index
     summary: Summary
     thumbnail: Thumbnail
-  settings: Site setting
+  settings: Site Setting
   site:
     backend_openness_on: Backend Openness 
     mobile_api_openness_on: Mobile API Openness
diff --git a/config/routes.rb b/config/routes.rb
index d25df380..ace0b525 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -3,8 +3,8 @@ Orbit::Application.routes.draw do
 
   # get "robots.txt" => 'robots#index'
 
-  devise_for :users, :controllers => { :registrations => "registrations", :confirmations => 'confirmations', :passwords => 'passwords' } do
-    resources :passwords
+  devise_for :users, :controllers => { :registrations => "registrations", :passwords => 'passwords', :confirmations => 'confirmations' } do
+    resources :passwords, :except => [:index, :show, :destroy]
     match "/users_passwd" => "desktop/registrations#update", :as => :users_passwd, :via => :put
   end