
Added auto login after password reset.

Martin Edenhofer 12 years ago
parent
commit
ffa6259099

+ 30 - 0
app/assets/javascripts/app/controllers/reset_password.js.coffee

@@ -113,6 +113,7 @@ class Verify extends App.Controller
     e.preventDefault()
     params = @formParam(e.target)
     params['token'] = @token
+    @password = params['password']
 
     # get data
     App.Com.ajax(
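Review bot: The added `@password = params['password']` keeps the new password in plaintext on the controller instance for as long as the view lives; the second hunk reads it in `render_changed_success`, and neither of its callbacks clears it. Setting `@password = null` as the first statement of both the `success` and the `error` callback would limit how long the value stays reachable from the page. The enclosing submit handler starts before and ends after this hunk.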
@@ -126,6 +127,35 @@ class Verify extends App.Controller
     )
 
   render_changed_success: (data, status, xhr) =>
+    App.Auth.login(
+      data:
+        username: data.user_login
+        password: @password
+      success: =>
+
+        # login check
+        App.Auth.loginCheck()
+
+        # add notify
+        App.Event.trigger 'notify:removeall'
+        @notify
+          type: 'success',
+          msg: 'Password reset successfull.'
+
+        # redirect to #
+        @navigate '#'
+
+      error: =>
+
+        # add notify
+        App.Event.trigger 'notify:removeall'
+        @notify
+          type: 'error',
+          msg: 'Something went wrong. Please contact your administrator.'
+    )
+
+
+
     @html App.view('generic/hero_message')(
       head:    'Woo hoo! Your password has been changed!'
       message: 'Please try to login!'
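Review bot: The `@html App.view('generic/hero_message')` call below the new `App.Auth.login(...)` still runs unconditionally, so the page shows 'Please try to login!' while the automatic login is in flight, and that text is what remains if the `error` callback fires. The error text 'Something went wrong. Please contact your administrator.' also hides that the password change itself has presumably succeeded by this point; `msg: 'Password changed, but automatic login failed. Please log in manually.'` would tell the user what to do next. Minor: 'successfull' should be 'successful'. The body of `render_changed_success` continues past the end of the hunk.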

+ 4 - 4
app/controllers/users_controller.rb

@@ -341,12 +341,12 @@ curl http://localhost/api/users/password_reset_verify.json -v -u #{login}:#{pass
 
   def password_reset_verify
     if params[:password]
-      success = User.password_reset_via_token( params[:token], params[:password] )
+      user = User.password_reset_via_token( params[:token], params[:password] )
     else
-      success = User.password_reset_check( params[:token] )
+      user = User.password_reset_check( params[:token] )
     end
-    if success
-      render :json => { :message => 'ok' }, :status => :ok
+    if user
+      render :json => { :message => 'ok', :user_login => user.login }, :status => :ok
     else
       render :json => { :message => 'failed' }, :status => :unprocessable_entity
     end
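Review bot: `:user_login => user.login` is now returned on both branches, including the check-only branch where no `params[:password]` is sent, so a request carrying just a token gets the account's login name back without consuming the token. The client needs the login only after an actual reset, so the check branch could keep answering with `render :json => { :message => 'ok' }, :status => :ok`. A one-line comment above the method saying that the login is returned solely for the post-reset auto login would make the intent clear to the next reader.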

+ 3 - 3
app/models/token.rb

@@ -11,15 +11,15 @@ class Token < ActiveRecord::Base
     
     # check if token is still valid
     if token.created_at < 1.day.ago
-      
+
       # delete token
       token.delete
       token.save
       return
     end
-    
+
     # return token if valid
-    return token
+    return token.user
   end
 
   private
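Review bot: The comment `# return token if valid` is stale now that the method ends with `return token.user`; it should read `# return user of valid token`. Because the return value changed from a Token to a User, any other caller of `Token.check` outside this diff that treats the result as a token would break. A token whose user record no longer exists now looks the same as an invalid token, which is probably intended but worth stating in the comment. The method starts before the hunk.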

+ 7 - 9
app/models/user.rb

@@ -145,24 +145,22 @@ Your #{config.product_name} Team
 
   # check token
   def self.password_reset_check(token)
-    token = Token.check( :action => 'PasswordReset', :name => token )
-    return if !token
-    return true
+    user = Token.check( :action => 'PasswordReset', :name => token )
+    return user
   end
 
   def self.password_reset_via_token(token,password)
 
     # check token
-    token = Token.check( :action => 'PasswordReset', :name => token )
-    return if !token
+    user = Token.check( :action => 'PasswordReset', :name => token )
+    return if !user
 
     # reset password
-    token.user.update_attributes( :password => password )
+    user.update_attributes( :password => password )
 
     # delete token
-    token.delete
-    token.save
-    return true
+    Token.where( :action => 'PasswordReset', :name => token ).first.destroy
+    return user
   end
 
   def self.find_fulldata(user_id)
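Review bot: In `password_reset_via_token` the result of `user.update_attributes( :password => password )` is ignored, so when the update fails validation the token is still destroyed and the user is returned; the controller then answers 'ok' and the client attempts the auto login with a password that was never stored. `return if !user.update_attributes( :password => password )` keeps the token usable in that case. `Token.where( ... ).first.destroy` also raises on nil if the token was removed between `Token.check` and this line, for example by a concurrent request carrying the same token; `Token.where( :action => 'PasswordReset', :name => token ).destroy_all` avoids that without a nil check.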