Clean up password reset

app/authenticators/jwt-resolved.js

@@ -1,19 +1,29 @@
-// Note: this is here for user lockout authentication
+// Note: this authenticator exists for user lockout --- they are sent a copy
+// of a valid JWT to their registered email address. The lockout route plucks
+// the token off the URL and passes it directly into this authenticator.
+
+import BaseAuthenticator from 'ember-simple-auth/authenticators/base';
 import Ember from 'ember';
-import JwtTokenAuthenticator from 'simple-auth-token/authenticators/jwt';
 
-export default JwtTokenAuthenticator.extend({
+const { RSVP, isEmpty } = Ember;
+
+export default BaseAuthenticator.extend({
   authenticate: function(token) {
-    return new Ember.RSVP.Promise(resolve => {
+    return new RSVP.Promise((resolve, reject) => {
-      let tokenData = this.getTokenData(token);
+      if (isEmpty(token)) {
-      let expiresAt = tokenData[this.tokenExpireName];
+        reject();
-      let response  = {};
+      } else {
-      response[this.tokenPropertyName] = token;
+        // For now assume that the token we have received is actually valid.
-      response.expiresAt = expiresAt;
+        resolve({'access_token': token});
-      this.scheduleAccessTokenRefresh(expiresAt, token);
+      }
-
-      resolve(this.getResponseData(response));
     });
   },
 
+  restore: function(data) {
+    return RSVP.resolve(data);
+  },
+
+  invalidate: function(data) {
+    return RSVP.resolve();
+  },
 });

app/pods/login/template.hbs

@@ -7,6 +7,6 @@
   </form>
   <br>
   <div>
-    Forget your password? {{link-to 'Request a lockout email.' 'users.requestlockouthelp'}}
+    {{link-to 'Forget your password?' 'users.requestlockouthelp'}}
   </div>
 {{/x-application}}

app/pods/protected/users/changepassword/controller.js

@@ -24,7 +24,7 @@ export default Ember.Controller.extend({
         },
       };
       ajaxRequest(url, options, this.get('session'));
-      this.transitionTo('protected.users.index');
+      this.transitionToRoute('protected.users.index');
       this.get('flashMessages').information('Your password has been changed.');
     },
 

app/pods/users/lockoutauthenticate/route.js

@@ -1,13 +1,19 @@
 import Ember from 'ember';
+import UnauthenticatedRouteMixin from 'ember-simple-auth/mixins/unauthenticated-route-mixin';
 
-export default Ember.Route.extend({
+export default Ember.Route.extend(UnauthenticatedRouteMixin, {
   session: Ember.inject.service('session'),
+  currentUser: Ember.inject.service('session-account'),
 
   beforeModel: function(transition) {
     this._super(transition);
 
     let token = Ember.get(transition, 'queryParams.token');
-    this.get('session').authenticate('authenticator:jwt-resolved', token);
+    this.get('session').authenticate('authenticator:jwt-resolved', token).then(() => {
+      this.get('currentUser.account').then((account) => {
+        this.transitionTo('protected.users.changepassword', account.get('id'));
+      })
+    });
   },
 
 });

app/pods/users/requestlockouthelp/controller.js

@@ -12,7 +12,7 @@ export default Ember.Controller.extend({
         data: { email: this.get('email') },
       };
       ajaxRequest(url, options, this.get('session'));
-      this.transitionTo('login');
+      this.transitionToRoute('login');
       this.get('flashMessages').information('Please check your email');
     },
 

app/pods/users/requestlockouthelp/template.hbs

@@ -1,7 +1,7 @@
 <div class="grid-1">
   <div class="span-1">
     <fieldset>
-      <legend>Account Lockout Access</legend>
+      <legend>Account Lockout/Password Reset</legend>
       <form {{action 'save' on='submit'}}>
         <ul>
           <li>

config/environment.js

@@ -22,6 +22,7 @@ module.exports = function(environment) {
     },
     'ember-simple-auth': {
       routeAfterAuthentication: 'protected.compare',
+      routeIfAlreadyAuthenticated: 'protected.compare',
     },
   };