X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/b8fad531e47641fc402203edc732c1484d28733a..8a020b3ec727b8c9fa4d819855469dd348e58ee7:/app/controllers/passwords_controller.rb?ds=inline diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb index 8025fd700..26b21b6d9 100644 --- a/app/controllers/passwords_controller.rb +++ b/app/controllers/passwords_controller.rb @@ -19,8 +19,7 @@ class PasswordsController < ApplicationController @title = t ".title" if params[:token] - self.current_user = User.find_by_token_for(:password_reset, params[:token]) || - UserToken.unexpired.find_by(:token => params[:token])&.user + self.current_user = User.find_by_token_for(:password_reset, params[:token]) if current_user.nil? flash[:error] = t ".flash token bad" @@ -43,18 +42,15 @@ class PasswordsController < ApplicationController if user token = user.generate_token_for(:password_reset) UserMailer.lost_password(user, token).deliver_later - flash[:notice] = t ".notice email on way" - redirect_to login_path - else - flash.now[:error] = t ".notice email cannot find" - render :new end + + flash[:notice] = t ".send_paranoid_instructions" + redirect_to login_path end def update if params[:token] - self.current_user = User.find_by_token_for(:password_reset, params[:token]) || - UserToken.unexpired.find_by(:token => params[:token])&.user + self.current_user = User.find_by_token_for(:password_reset, params[:token]) if current_user if params[:user] @@ -64,7 +60,6 @@ class PasswordsController < ApplicationController current_user.email_valid = true if current_user.save - UserToken.delete_by(:token => params[:token]) session[:fingerprint] = current_user.fingerprint flash[:notice] = t ".flash changed" successful_login(current_user)