class PasswordsController < ApplicationController
  layout "authentication"

  def new
  end

  def create
  	@user = User.find_by(email: params[:email]) rescue nil
  	if @user.present?
  		@user.send_password_reset_email
  		redirect_to new_password_path, :notice => "Reset Instructions Sent"
  	else
  		redirect_to new_password_path, :notice => "User Not Found"
  	end
  end

  def edit
  	if params[:token]
   	check_token = User.check_password_token(params[:token])
   		if check_token
   			@user = User.find_by(reset_token: params[:token])
    	else
    		redirect_to new_password_path, :notice => "Invalid Token for Reset"
    	end
    else
    	redirect_to new_password_path, :notice => "Cannot Reset without a valid token"
    end
  end

  def update
  	@user = User.find_by(reset_token: password_attributes[:reset_token])
  	@user.update_password(password_attributes[:password], password_attributes[:password_confirmation])
  	redirect_to root_path
  end

  private

  def password_attributes
    params.require(:user).permit!
  end

end