create forgot password

app/controllers/reset_passwords_controller.rb

+class ResetPasswordsController < ApplicationController
+
+  def reset_password
+  end
+
+  def sending_email
+    @user = User.find_by(email: params[:reset_password][:email].downcase)
+    unless @user
+      flash[:danger] = "Your Email invalid or not register"
+      redirect_to reset_password_step1_path
+    else
+      forgot_token = Digest::SHA1.hexdigest(SecureRandom.urlsafe_base64)
+      @user.update_attribute(:remember_token, forgot_token)
+      ResetPasswordMailer.reset_password(@user).deliver_later
+      flash[:success] = "Please check your email to change your password"
+      redirect_to reset_password_step1_path
+    end
+  end
+
+  def edit
+    @user = User.find_by(remember_token: params[:token])
+    return redirect_to reset_password_step1_path unless @user
+    if @user.token_expired?
+      flash[:danger] = "Link Confirmation is expiration too 24 hours to confirm. Please update your Email again!"
+      redirect_to register_step1_path
+    end
+  end
+
+  def update
+    @user = User.find_by(email: params[:user][:email])
+    unless @user.update_attributes(forgot_pass_params)
+      flash[:danger] = "Password or Password Confirmation is mismatch"
+      redirect_to reset_password_final_path(token: @user.remember_token)
+    else
+      sign_in @user
+      flash[:success] = 'Updated Successfully'
+      redirect_to my_page_path
+    end
+  end
+
+  private
+
+  def forgot_pass_params
+    params.require(:user).permit( :password, :password_confirmation)
+  end
+end

app/controllers/users_controller.rb

@@ -19,10 +19,9 @@ class UsersController < ApplicationController
   end
   end
 
 
   def registation
   def registation
-    @email = Confirmation.find_by(confirm_token: params[:confirm_token])
-    return register_step1_path unless @email
-    expiration_day = Time.zone.now - @email.updated_at
-    if expiration_day >= 86400
+    @email = Confirmation.find_by(confirm_token: params[:code])
+    return redirect_to register_step1_path unless @email
+    if @email.token_expired?
       flash[:danger] = "Link Confirmation is expiration too 24 hours to confirm. Please update your Email again!"
       flash[:danger] = "Link Confirmation is expiration too 24 hours to confirm. Please update your Email again!"
       redirect_to register_step1_path
       redirect_to register_step1_path
     else
     else
@@ -40,7 +39,7 @@ class UsersController < ApplicationController
   private
   private
 
 
   def sign_in_validation
   def sign_in_validation
-    return if signed_in?
+    return if signed_in? || params[:remember_token].blank?
     flash[:warning] = "Please Sign In..."
     flash[:warning] = "Please Sign In..."
     redirect_to login_path
     redirect_to login_path
   end
   end

app/mailers/reset_password_mailer.rb

+class ResetPasswordMailer < ActionMailer::Base
+  def reset_password(user)
+    @user = user
+    mail(to: user.email, subject: 'VeNJOB Password Assistance')
+  end
+end

app/models/confirmation.rb

@@ -13,6 +13,10 @@ class Confirmation < ApplicationRecord
     Digest::SHA1.hexdigest(token.to_s)
     Digest::SHA1.hexdigest(token.to_s)
   end
   end
 
 
+  def token_expired?
+    updated_at <= 24.hours.ago
+  end
+
   private
   private
 
 
   def create_confirm_token
   def create_confirm_token

app/models/reset_password.rb

+class ResetPassword < ApplicationRecord
+  before_save :create_remember_token
+
+  has_secure_password
+
+  PASSWORD_FORMAT = /\A(?=.{8,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])/x
+  validates :password, format: { with: PASSWORD_FORMAT, message: "is too short or not strength" }
+
+  def self.new_remember_token
+    SecureRandom.urlsafe_base64
+  end
+
+  def self.digest(token)
+    Digest::SHA1.hexdigest(token.to_s)
+  end
+
+  private
+
+  def create_remember_token
+    self.remember_token = User.digest(User.new_remember_token)
+  end
+end

app/models/user.rb

@@ -28,6 +28,10 @@ class User < ApplicationRecord
     Digest::SHA1.hexdigest(token.to_s)
     Digest::SHA1.hexdigest(token.to_s)
   end
   end
 
 
+  def token_expired?
+    updated_at <= 24.hours.ago
+  end
+
   private
   private
 
 
   def create_remember_token
   def create_remember_token

app/views/confirmation_mailer/register_email.html.erb

@@ -7,6 +7,6 @@
     <p>You're on your way!</p>
     <p>You're on your way!</p>
     <p>Let's confirm your email address.</p>
     <p>Let's confirm your email address.</p>
     <p>By clicking on the following link, you are confirming your email address and agreeing to VeNJOB's Terms of Service.</p>
     <p>By clicking on the following link, you are confirming your email address and agreeing to VeNJOB's Terms of Service.</p>
-    <p><%= link_to 'Confirm Email', registation_url(confirm_token: @user.confirm_token) %></p>
+    <p><%= link_to 'Confirm Email', registation_url(code: @user.confirm_token) %></p>
   </body>
   </body>
 </html>
 </html>

app/views/reset_password_mailer/reset_password.html.erb

+<html>
+  <head>
+    <meta content='text/html; charset=UTF-8' http-equiv='Content-Type' />
+  </head>
+  <body>
+    <p>We received a request to reset the password associated with this e-mail address. If you made this request, please follow the instructions below.</p>
+    <p>Click the link below to reset your password using our secure server:</p>
+    <p><%= link_to 'Reset password', reset_password_final_url(token: @user.remember_token) %></p>
+    <p>If you did not request to have your password reset you can safely ignore this email. Rest assured your account is safe.</p>
+    <p>Please also be noted that the above link is valid for 24 hours.</p>
+    <p>Best,</p>
+  </body>
+</html>

app/views/reset_passwords/edit.html.erb

+<div class="container">
+  <%= render 'layouts/flash' %>
+  <h1 class="text-center my-page-label">Forgot password</h1>
+  <div class="form-login">
+    <div class="row form d-flex justify-content-center">
+      <%= form_for(@user, url: update_forgot_pass_path) do |f|  %>
+        <div class="validation"></div>
+        <div class="email-field">
+          <div class="col-4-sm">
+            <%= f.label :email %>
+          </div>
+          <div class="col-8-sm">
+            <%= f.text_field :email, class: 'input-email', value: @user.email, readonly: true %>
+          </div>
+        </div>
+        <div class="password-field">
+          <div class="col-4-sm">
+            <%= f.label :password, 'Password' %>
+          </div>
+          <div class="col-8-sm">
+            <%= f.password_field :password, class: 'input-password' %>
+          </div>
+        </div>
+        <div class="password-confirmation-field">
+          <div class="col-4-sm">
+            <%= f.label :password_confirmation, 'Password Confirmation' %>
+          </div>
+          <div class="col-8-sm">
+            <%= f.password_field :password_confirmation, class: 'input-password-confirmation' %>
+          </div>
+        </div>
+
+        <%= f.submit 'Submit', class: 'btn btn-outline-primary btn-lg update-btn' %>
+      <% end %>
+    </div>
+  </div>
+</div>
+

app/views/reset_passwords/reset_password.html.erb

+<div class="container">
+  <%= render 'layouts/flash' %>
+  <div class="text-center label">
+    <strong>Forgot password</strong>
+  </div>
+  <div class="form-register">
+    <%= form_for(:reset_password, url: reset_password_step2_path) do |f| %>
+
+      <div class="validation"></div>
+      <div class="text-center email-input">
+        <strong>Email</strong>
+        <%= f.text_field :email %>
+      </div>
+
+      <div class="text-center confirm-email-btn">
+        <%= f.submit 'Confirm your email', class: 'btn btn-outline-danger confirm font-weight-bold' %>
+      </div>
+    <% end %>
+  </div>
+</div>

app/views/sessions/new.html.erb

@@ -22,11 +22,11 @@
           </div>
           </div>
         </div>
         </div>
         <div class="col-6-sm forgot-pass-field">
         <div class="col-6-sm forgot-pass-field">
-          <%= link_to 'Forgot password?', '#' %>
+          <%= link_to 'Forgot password?', reset_password_step1_path %>
         </div>
         </div>
 
 
         <%= f.submit 'Login', class: 'btn btn-outline-primary btn-lg login-btn' %>
         <%= f.submit 'Login', class: 'btn btn-outline-primary btn-lg login-btn' %>
-        <%= link_to 'Register', '#', class: 'btn btn-outline-info btn-lg regis-btn' %>
+        <%= link_to 'Register', register_step1_path, class: 'btn btn-outline-info btn-lg regis-btn' %>
       <% end %>
       <% end %>
     </div>
     </div>
   </div>
   </div>

config/routes.rb

@@ -11,7 +11,14 @@ Rails.application.routes.draw do
   get '/register/1', to: 'confirmations#new', as: :register_step1
   get '/register/1', to: 'confirmations#new', as: :register_step1
   post '/register/2', to: 'confirmations#mail_register', as: :register_step2
   post '/register/2', to: 'confirmations#mail_register', as: :register_step2
 
 
-  get '/registation/3code=:confirm_token', to: 'users#registation', as: :registation
+  get '/forgot_password', to: 'reset_passwords#reset_password', as: :reset_password_step1
+  post '/forgot_password', to: 'reset_passwords#sending_email', as: :reset_password_step2
+
+  get '/reset_password', to: 'reset_passwords#edit', as: :reset_password_final
+  patch '/update', to: 'reset_passwords#update', as: :update_forgot_pass
+
+  get '/registation/3', to: 'users#registation', as: :registation
+
 
 
   resources :jobs
   resources :jobs
   get 'detail/:id', to: 'jobs#show', as: :job_detail
   get 'detail/:id', to: 'jobs#show', as: :job_detail
@@ -20,6 +27,7 @@ Rails.application.routes.draw do
   get 'jobs/industry/:converted_name', to: 'jobs#industry_jobs', as: :industry_jobs
   get 'jobs/industry/:converted_name', to: 'jobs#industry_jobs', as: :industry_jobs
   get 'jobs/company/:converted_name', to: 'jobs#company_jobs', as: :company_jobs
   get 'jobs/company/:converted_name', to: 'jobs#company_jobs', as: :company_jobs
 
 
+  resources :reset_passwords, only: [:edit, :update]
   resources :confirmations
   resources :confirmations
   resources :top_pages
   resources :top_pages
   resources :industries
   resources :industries