MetuFSS
/
metu.life
2
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Redirect to PasswordController#new when reset_password_token is invalid (#4506)

Browse Source
master
nullkal 7 years ago committed by Eugen Rochko
parent 09e86ef90b
commit dfcd2834f9
3 changed files with 41 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 15
      app/controllers/auth/passwords_controller.rb
  2. 1
      config/locales/en.yml
  3. 25
      spec/controllers/auth/passwords_controller_spec.rb

15
app/controllers/auth/passwords_controller.rb
Unescape View File

@ -1,5 +1,20 @@
# frozen_string_literal: true # frozen_string_literal: true
class Auth::PasswordsController < Devise::PasswordsController class Auth::PasswordsController < Devise::PasswordsController
before_action :check_validity_of_reset_password_token, only: :edit
layout 'auth' layout 'auth'
private
def check_validity_of_reset_password_token
unless reset_password_token_is_valid?
flash[:error] = I18n.t('auth.invalid_reset_password_token')
redirect_to new_password_path(resource_name)
end
end
def reset_password_token_is_valid?
resource_class.with_reset_password_token(params[:reset_password_token]).present?
end
end end

1
config/locales/en.yml
Unescape View File

@ -234,6 +234,7 @@ en:
resend_confirmation: Resend confirmation instructions resend_confirmation: Resend confirmation instructions
reset_password: Reset password reset_password: Reset password
set_new_password: Set new password set_new_password: Set new password
invalid_reset_password_token: Password reset link is invalid or expired. Please try again.
authorize_follow: authorize_follow:
error: Unfortunately, there was an error looking up the remote account error: Unfortunately, there was an error looking up the remote account
follow: Follow follow: Follow

25
spec/controllers/auth/passwords_controller_spec.rb
Unescape View File

@ -3,6 +3,8 @@
require 'rails_helper' require 'rails_helper'
describe Auth::PasswordsController, type: :controller do describe Auth::PasswordsController, type: :controller do
include Devise::Test::ControllerHelpers
describe 'GET #new' do describe 'GET #new' do
it 'returns http success' do it 'returns http success' do
@request.env['devise.mapping'] = Devise.mappings[:user] @request.env['devise.mapping'] = Devise.mappings[:user]
@ -10,4 +12,27 @@ describe Auth::PasswordsController, type: :controller do
expect(response).to have_http_status(:success) expect(response).to have_http_status(:success)
end end
end end
describe 'GET #edit' do
let(:user) { Fabricate(:user) }
before do
request.env['devise.mapping'] = Devise.mappings[:user]
@token = user.send_reset_password_instructions
end
context 'with valid reset_password_token' do
it 'returns http success' do
get :edit, params: { reset_password_token: @token }
expect(response).to have_http_status(:success)
end
end
context 'with invalid reset_password_token' do
it 'redirects to #new' do
get :edit, params: { reset_password_token: 'some_invalid_value' }
expect(response).to redirect_to subject.new_password_path(subject.send(:resource_name))
end
end
end
end end

Write Preview
Loading…
Cancel
Save