Is there a gem of account recovery for ruby ​​on the rails that uses SMS?

advertisements

I was wondering if there was any account recovery gem for a ruby on rails password allowing the app to send the user to his sms a pin to reset their password in the event the user forgets it? Googled but didn't see anything, figured I would ask here in case my google search string was just poorly written.

ruby on rails account recovery via sms


I'm not aware of any gem, but this sounds like something that wouldn't be terribly difficult to implement. As vgoff has mentioned, there are plenty of SMS services available to you.

Something along the lines of (haven't tested this):

class SMSReset < ActiveRecord::Base
  TOKEN_LENGTH = 4
  EXPIRY_TIME = 15.minutes

  belongs_to :user

  before_create :generate_token, :set_expiry

  def dispatch_sms!
    MySMSProvider.send_sms(to: user.mobile_number, body: "Your SMS token is: #{token}")
  end

  def has_not_expired?
    expires_at > Time.now
  end

  private

  def generate_token
    self[:token] = SecureRandom.hex[0..TOKEN_LENGTH - 1].downcase
  end

  def set_expiry
    self[:expires_at] = EXPIRY_TIME.from_now
  end
end

class PasswordResetController < ApplicationController
  def new
  end

  def create
    @user = User.where(email: params[:email]).first

    if @user
      sms_reset = @user.create_sms_reset!
      sms_reset.dispatch_sms!
      flash.now[:success] = "Please enter the code that was sent to your phone in the field below"
    else
      flash.now[:error] = "No user was found by that email address"
      render :new
    end
  end

  def validate_token
    sms_reset = SMSReset.where(user_id: params[:user_id], token: params[:token])

    if sms_reset.present? && sms_reset.has_not_expired?
      @user = sms_reset.user
      render :password_reset_form
    else
      flash.now[:error] = "Sorry, that code wasn't recognized"
      render :new
    end
  end
end

You'll want to handle errors, and there's room for improvement, but hopefully the gist makes sense.