10.2 Password Reset

Having completed account activation (and thereby verified the user’s email address), we’re now in a good position to handle the common case of users forgetting their passwords. As we’ll see, many of the steps are similar, and we will have several opportunities to apply the lessons learned in Section 10.1. The beginning is different, though: Unlike account activation, implementing password resets requires both a change to one of our views and two new forms (to handle email and new password submission).

Before writing any code, let’s mock up the expected sequence for resetting passwords. We’ll start by adding a “forgot password” link to the sample application’s login form (Figure 10.7). The “forgot password” link will go to ...

Get Ruby on Rails Tutorial: Learn Web Development with Rails, Third Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.