class Admin::PasswordResetsController

def update

def update
  @user = User.find_by_password_reset_token!(params[:id])
  if @user.password_reset_sent_at < 2.hours.ago
    redirect_to new_password_reset_path, :alert => "Password reset has expired."
  elsif @user.update_attributes(password_params)
    redirect_to welcome_url, :notice => "Password has been reset!"
  else
    render :edit
  end
end

Instance Methods