I am using devise with rails 3. In user model I have created fields for the question and answer to that question.
I want to know How I can implement forget password in following logic:
- On forget password page User enters the Username
- On Next step application should displays the question stored in db.
- User answers the question and app matches the answer if answer is matched with values stored in db.
- It redirects to edit password page where password can updated.
I tried to override password controller of devise but got stuck.
Thanks for help in advance.
Note: I am new to rails and its my first project
I've actually not used Devise before, however assuming you have a befor_filter on your controller to route to Devise authentication, you could possibly do something like:
skip_before_filter :authenticate_with_devise if user_answered_question_correctly?
this gem has a security_questionable feature which would do the trick, amongst other things https://github.com/phatworx/devise_security_extension
You don't need to override Devise for this.
- make your own
forget_password routes:
in routes.rb:
get "forgot_password" => "passwords#forgot"
get "forgot_password/verify_question" => "passwords#verify_question"
post "forgot_password/verify_answer" => "passwords#verify_answer"
post "forgot_password/reset_password" => "passwords#reset"
- Create
app/controller/passwords_controller.rb and fill out logic you want via forms / render.
- Create views.
- Change
forgot password link to your own.
- Profit
