]> git.openstreetmap.org Git - rails.git/blobdiff - app/controllers/confirmations_controller.rb
Merge pull request #5501 from openstreetmap/dependabot/npm_and_yarn/qs-6.14.0
[rails.git] / app / controllers / confirmations_controller.rb
index 48b8dabf2d9ec770b460d8c3f8ee025a4958c892..72c1955e039ebf225f862752dff681b978fc2e78 100644 (file)
@@ -15,10 +15,7 @@ class ConfirmationsController < ApplicationController
 
   def confirm
     if request.post?
-      token = params[:confirm_string]
-
-      user = User.find_by_token_for(:new_user, token) ||
-             UserToken.unexpired.find_by(:token => token)&.user
+      user = User.find_by_token_for(:new_user, params[:confirm_string])
 
       if !user
         flash[:error] = t(".unknown token")
@@ -33,8 +30,8 @@ class ConfirmationsController < ApplicationController
         user.email_valid = true
         flash[:notice] = gravatar_status_message(user) if gravatar_enable(user)
         user.save!
+        cookies.delete :_osm_anonymous_notes_count
         referer = safe_referer(params[:referer]) if params[:referer]
-        UserToken.delete_by(:token => token)
 
         pending_user = session.delete(:pending_user)
 
@@ -70,10 +67,7 @@ class ConfirmationsController < ApplicationController
 
   def confirm_email
     if request.post?
-      token = params[:confirm_string]
-
-      self.current_user = User.find_by_token_for(:new_email, token) ||
-                          UserToken.unexpired.find_by(:token => params[:confirm_string])&.user
+      self.current_user = User.find_by_token_for(:new_email, params[:confirm_string])
 
       if current_user&.new_email?
         current_user.email = current_user.new_email
@@ -89,7 +83,6 @@ class ConfirmationsController < ApplicationController
         else
           flash[:errors] = current_user.errors
         end
-        current_user.tokens.delete_all
         session[:user] = current_user.id
         session[:fingerprint] = current_user.fingerprint
       elsif current_user