Working password reset emails

.rbenv-vars-sample

 MAILGUN_API_KEY=
 
 MAIL_FROM_ADDRESS=
+
+AARDBEI_HOSTNAME=

app/controllers/authentication_controller.rb

   end
 
   def forgotten_password
-    flash[:danger] = "Not yet implemented."
+    user = User.find_by(email: params[:password_reset][:email])
+    if not user
+      flash[:danger] = "That email address is not associated with any user."
+      redirect_to action: 'forgotten_password_form'
+      return
+    end
+    AuthenticationMailer::password_reset_email(user).deliver_later
+    flash[:success] = "An email has been sent, check your inbox!"
     redirect_to action: 'login'
   end
 

app/models/token.rb

   def generate_expiry
     case self.tokentype
     when TYPES[:password_reset]
-      1.days.since
+      self.expires = 1.days.since
     when TYPES[:account_confirmation]
-      7.days.since
-    else
-      nil
+      self.expires = 7.days.since
     end
   end
 end

app/views/authentication_mailer/password_reset_email.text.erb

-Hallo <%= @user.person.first_name %>,
+Hello <%= @user.person.first_name %>,
 
-Er is een verzoek binnengekomen om je wachtwoord opnieuw in te stellen.
-Als jij dit hebt gedaan, open dan deze link:
+You (or someone pretending to be you) have requested to reset your password.
+If this was you, please open the following link:
 
-Als je dit niet was kan je deze mail negeren.
+<%= reset_password_url(token: @token.token) %>
+
+This link will expire at <%= @token.expires %>, and is usable only once.
+If you did not request this password reset, ignore this message.
 
-Doei,
 Aardbei

config/application.rb

     # Settings in config/environments/* take precedence over those specified here.
     # Application configuration should go into files in config/initializers
     # -- all .rb files in that directory are automatically loaded.
+    default_url_options[:host] = ENV['AARDBEI_HOSTNAME']
   end
 end