Class: StandardId::Web::ResetPasswordStartForm

Inherits:

Object

• Object
• StandardId::Web::ResetPasswordStartForm

Includes:

ActiveModel::Attributes, ActiveModel::Model

Defined in:

app/forms/standard_id/web/reset_password_start_form.rb

Instance Attribute Summary

• #reset_url_template ⇒ Object readonly

  Returns the value of attribute reset_url_template.

Instance Method Summary

• #initialize(attributes = {}) ⇒ ResetPasswordStartForm constructor

  Constructor accepts the reset URL template so the form is decoupled from routing.

• #submit ⇒ Object

Constructor Details

#initialize(attributes = {}) ⇒ ResetPasswordStartForm

Constructor accepts the reset URL template so the form is decoupled from routing. The controller builds a URL from ‘reset_password_confirm_url` (or a request-derived fallback) and appends a literal `?token=token` (or `&token=token`) marker via string concatenation. The delivery job substitutes that placeholder with the actual token after account lookup.

# File 'app/forms/standard_id/web/reset_password_start_form.rb', line 16

def initialize(attributes = {})
  @reset_url_template = attributes.delete(:reset_url_template) if attributes.is_a?(Hash)
  super
end

Instance Attribute Details

#reset_url_template ⇒ Object (readonly)

Returns the value of attribute reset_url_template.

# File 'app/forms/standard_id/web/reset_password_start_form.rb', line 21

def reset_url_template
  @reset_url_template
end

Instance Method Details

#submit ⇒ Object

# File 'app/forms/standard_id/web/reset_password_start_form.rb', line 23

def submit
  return false unless valid?

  # Enqueue the full lookup + token generation + mailer delivery pipeline
  # so the controller response time does not depend on whether an account
  # exists for the submitted email. This closes the user-enumeration
  # timing side channel.
  StandardId::PasswordResetDeliveryJob.perform_later(
    email: email.to_s,
    reset_url_template: reset_url_template.to_s
  )

  true
end