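# Lets a signed-in user change their own password.
#
# The change is gated on re-entering the current password, so holding a live
# session alone is not enough to take over the account's credentials.
#
# NOTE(review): no throttling of current-password attempts is visible in this
# controller; confirm it is enforced elsewhere (ApplicationController, a
# concern, or in front of the app).
class PasswordsController < ApplicationController
  before_action :require_authentication

  # Renders the change-password form for the signed-in user.
  def edit
    @user = Current.user
  end

  # Verifies the current password, stores the new one and revokes the user's
  # other sessions. Every failure re-renders the form with HTTP 422.
  def update
    @user = Current.user

    unless @user.authenticate(params[:current_password])
      return render_edit_with_alert("Current password is incorrect.")
    end

    new_credentials = params.permit(:password, :password_confirmation)

    # A missing or empty :password would make the update below a no-op that
    # still reports success and signs out the other sessions. Non-scalar values
    # are dropped by permit and therefore also end up here.
    if new_credentials[:password].to_s.empty?
      return render_edit_with_alert("New password can't be blank.")
    end

    unless @user.update(new_credentials)
      # Report what the model actually rejected; a confirmation mismatch is
      # only one of the validations that can fail here.
      reason = @user.errors.full_messages.to_sentence.presence ||
               "New password confirmation didn't match."
      return render_edit_with_alert(reason)
    end

    # Sign out every other session of this user so that a session established
    # with the old password stops working; the current session is kept.
    # NOTE(review): the current session is not rotated here; confirm that is
    # intended.
    @user.sessions.where.not(id: Current.session.id).destroy_all
    redirect_to root_path, notice: "Password updated successfully."
  end

  private

  # Re-renders the form with +message+ as the alert for this request only.
  def render_edit_with_alert(message)
    flash.now[:alert] = message
    render :edit, status: :unprocessable_entity
  end
end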