X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/4bca24a7beb4a78cecfeaa775d41662497f9930f..2d7e0a397a1b2dbed74f40439c1305b1b48a063e:/app/controllers/passwords_controller.rb?ds=inline diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb index 87d25df68..26b21b6d9 100644 --- a/app/controllers/passwords_controller.rb +++ b/app/controllers/passwords_controller.rb @@ -19,11 +19,9 @@ class PasswordsController < ApplicationController @title = t ".title" if params[:token] - token = UserToken.find_by(:token => params[:token]) + self.current_user = User.find_by_token_for(:password_reset, params[:token]) - if token - self.current_user = token.user - else + if current_user.nil? flash[:error] = t ".flash token bad" redirect_to :action => "new" end @@ -42,23 +40,19 @@ class PasswordsController < ApplicationController end if user - token = user.tokens.create + token = user.generate_token_for(:password_reset) UserMailer.lost_password(user, token).deliver_later - flash[:notice] = t ".notice email on way" - redirect_to login_path - else - flash.now[:error] = t ".notice email cannot find" - render :new end + + flash[:notice] = t ".send_paranoid_instructions" + redirect_to login_path end def update if params[:token] - token = UserToken.find_by(:token => params[:token]) - - if token - self.current_user = token.user + self.current_user = User.find_by_token_for(:password_reset, params[:token]) + if current_user if params[:user] current_user.pass_crypt = params[:user][:pass_crypt] current_user.pass_crypt_confirmation = params[:user][:pass_crypt_confirmation] @@ -66,7 +60,6 @@ class PasswordsController < ApplicationController current_user.email_valid = true if current_user.save - token.destroy session[:fingerprint] = current_user.fingerprint flash[:notice] = t ".flash changed" successful_login(current_user)