X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/ad2739347b5fc7c57d8b7131580fda10cc77f108..95e1aff23493b3725d5259bcca7bcc79d7d3bc26:/app/controllers/confirmations_controller.rb diff --git a/app/controllers/confirmations_controller.rb b/app/controllers/confirmations_controller.rb index 604e6b5b3..7bbb3a093 100644 --- a/app/controllers/confirmations_controller.rb +++ b/app/controllers/confirmations_controller.rb @@ -15,41 +15,33 @@ class ConfirmationsController < ApplicationController def confirm if request.post? - token = UserToken.find_by(:token => params[:confirm_string]) - if token&.user&.active? - flash[:error] = t(".already active") - redirect_to login_path - elsif !token || token.expired? + user = User.find_by_token_for(:new_user, params[:confirm_string]) + + if !user flash[:error] = t(".unknown token") redirect_to :action => "confirm" - elsif !token.user.visible? - render_unknown_user token.user.display_name + elsif user.active? + flash[:error] = t(".already active") + redirect_to login_path + elsif !user.visible? + render_unknown_user user.display_name else - user = token.user user.activate user.email_valid = true flash[:notice] = gravatar_status_message(user) if gravatar_enable(user) user.save! - referer = safe_referer(token.referer) if token.referer - token.destroy + referer = safe_referer(params[:referer]) if params[:referer] - if session[:token] - token = UserToken.find_by(:token => session[:token]) - session.delete(:token) - else - token = nil - end - - if token.nil? || token.user != user - flash[:notice] = t(".success") - redirect_to login_path(:referer => referer) - else - token.destroy + pending_user = session.delete(:pending_user) + if user.id == pending_user session[:user] = user.id session[:fingerprint] = user.fingerprint redirect_to referer || welcome_path + else + flash[:notice] = t(".success") + redirect_to login_path(:referer => referer) end end else @@ -61,12 +53,11 @@ class ConfirmationsController < ApplicationController def confirm_resend user = User.visible.find_by(:display_name => params[:display_name]) - token = UserToken.find_by(:token => session[:token]) - if user.nil? || token.nil? || token.user != user + if user.nil? || user.id != session[:pending_user] flash[:error] = t ".failure", :name => params[:display_name] else - UserMailer.signup_confirm(user, user.tokens.create).deliver_later + UserMailer.signup_confirm(user, user.generate_token_for(:new_user)).deliver_later flash[:notice] = { :partial => "confirmations/resend_success_flash", :locals => { :email => user.email, :sender => Settings.email_from } } end @@ -75,10 +66,7 @@ class ConfirmationsController < ApplicationController def confirm_email if request.post? - token = params[:confirm_string] - - self.current_user = User.find_by_token_for(:new_email, token) || - UserToken.unexpired.find_by(:token => params[:confirm_string])&.user + self.current_user = User.find_by_token_for(:new_email, params[:confirm_string]) if current_user&.new_email? current_user.email = current_user.new_email @@ -94,7 +82,6 @@ class ConfirmationsController < ApplicationController else flash[:errors] = current_user.errors end - current_user.tokens.delete_all session[:user] = current_user.id session[:fingerprint] = current_user.fingerprint elsif current_user