Browse Source

Added reset password api method

eperez-timeinput
Jason Denney 12 years ago
parent
commit
761ab81b56
  1. 28
      app/controllers/api/v1/users_controller.rb
  2. 1
      config/routes.rb

28
app/controllers/api/v1/users_controller.rb

@ -0,0 +1,28 @@
require 'securerandom'
class Api::V1::UsersController < Api::V1::BaseController
def password_reset
if can? :manage, User
user = User.find_by_id(params[:user_id])
render :json => { "error" => "User not found"}, :status => 404 and return if user.nil?
render :json => { "error" => "Not allowed to reset your own password in this fashion."}, :status => 403 and return if user.id == current_user.id
new_pass = SecureRandom.hex[0,8]
user.password = new_pass
user.save
render :json => { "password" => new_pass}, :status => 200 and return
else
render :json => { "error" => "You do not have the permission"}, :status => 403 and return
end
end
def checkout
#must use @current_user since user may not have signed in
if !@current_user.checked_in?
render :json => { "error" => "You were not even checked in."}, :status => 404 and return
else
@current_user.checkout
render :nothing => true, :status => 204 and return
end
end
end

1
config/routes.rb

@ -10,6 +10,7 @@ Velocipede::Application.routes.draw do
scope 'v1', :module => :v1 do
post 'checkin' => "logs#checkin", :as => "api_checkin"
post 'checkout' => "logs#checkout", :as => "api_checkout"
post 'reset' => "users#password_reset", :as => "api_password_reset"
end
end

Loading…
Cancel
Save