defmodule Shift73kWeb.UserResetPasswordController do use Shift73kWeb, :controller import Phoenix.LiveView.Controller alias Shift73k.Accounts plug(:get_user_by_reset_password_token when action in [:edit]) def new(conn, _params) do render(conn, "new.html") end def create(conn, %{"user" => %{"email" => email}}) do if user = Accounts.get_user_by_email(email) do Accounts.deliver_user_reset_password_instructions( user, &Routes.user_reset_password_url(conn, :edit, &1) ) end # Regardless of the outcome, show an impartial success/error message. conn |> put_flash( :info, "If your email is in our system, you'll receive instructions to reset your password shortly." ) |> redirect(to: "/") end def edit(conn, _params) do live_render(conn, Shift73kWeb.UserLive.ResetPassword) end defp get_user_by_reset_password_token(conn, _opts) do %{"token" => token} = conn.params if user = Accounts.get_user_by_reset_password_token(token) do put_session(conn, "user_id", user.id) else conn |> put_flash(:error, "Reset password link is invalid or it has expired.") |> redirect(to: "/") |> halt() end end end