Skip to content

Instantly share code, notes, and snippets.

@AlexVKO
Created November 3, 2015 05:15
Show Gist options
  • Save AlexVKO/5fdd2c23a2ad875a8e7e to your computer and use it in GitHub Desktop.
Save AlexVKO/5fdd2c23a2ad875a8e7e to your computer and use it in GitHub Desktop.
Allow devise to reset password signed in
class PasswordsController < Devise::PasswordsController
# here we need to skip the automatic authentication based on current session for the following two actions
# edit: shows the reset password form. need to skip, otherwise it will go directly to root
# update: updates the password, need to skip otherwise it won't even reset if already logged in
skip_before_filter :require_no_authentication, :only => [:edit, :update]
# we need to override the update, too.
# After a password is reset, all outstanding sessions are gone.
# When already logged in, sign_in is a no op, so the session will expire, too.
# The solution is to logout and then re-login which will make the session right.
def update
super
if resource.errors.empty?
sign_out(resource_name)
sign_in(resource_name, resource)
end
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment