X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/2111ace158f3dd9496d49f82529074d77557b2d2..629ae62b730409b46de6abc8c5166155841b5a00:/app/controllers/user_controller.rb diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index fcd330ec3..0c2514927 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -318,16 +318,19 @@ class UserController < ApplicationController else user = User.find_by_display_name(params[:display_name]) - redirect_to root_path if !user || user.active? + redirect_to root_path if user.nil? || user.active? end end def confirm_resend - if user = User.find_by_display_name(params[:display_name]) + user = User.find_by_display_name(params[:display_name]) + token = UserToken.find_by_token(session[:token]) + + if user.nil? || token.nil? || token.user != user + flash[:error] = t "user.confirm_resend.failure", :name => params[:display_name] + else Notifier.signup_confirm(user, user.tokens.create).deliver_now flash[:notice] = t "user.confirm_resend.success", :email => user.email - else - flash[:error] = t "user.confirm_resend.failure", :name => params[:display_name] end redirect_to :action => "login" @@ -545,7 +548,7 @@ class UserController < ApplicationController # omniauth failure callback def auth_failure flash[:error] = t("user.auth_failure." + params[:message]) - redirect_to params[:origin] + redirect_to params[:origin] || login_url end private @@ -631,6 +634,8 @@ class UserController < ApplicationController ## # def unconfirmed_login(user) + session[:token] = user.tokens.create.token + redirect_to :action => "confirm", :display_name => user.display_name session.delete(:remember_me)