X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/dd4e7667885db46bc24a79be6431e27cdad13b07..bd4de52c98bcf2830d1b6dcba637cc04d67e11cf:/app/controllers/user_controller.rb diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index 3a0e0a149..6390ff19e 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -45,7 +45,7 @@ class UserController < ApplicationController @user.terms_seen = true if @user.save - flash[:notice] = t "user.new.terms declined", :url => t("user.new.terms declined url") + flash[:notice] = t("user.new.terms declined", :url => t("user.new.terms declined url")).html_safe end if params[:referer] @@ -213,7 +213,7 @@ class UserController < ApplicationController :auth_provider => params[:auth_provider], :auth_uid => params[:auth_uid]) - flash.now[:notice] = t "user.new.auth association" + flash.now[:notice] = render_to_string :partial => "auth_association" else check_signup_allowed end @@ -318,16 +318,19 @@ class UserController < ApplicationController else user = User.find_by_display_name(params[:display_name]) - redirect_to root_path if !user || user.active? + redirect_to root_path if user.nil? || user.active? end end def confirm_resend - if user = User.find_by_display_name(params[:display_name]) - Notifier.signup_confirm(user, user.tokens.create).deliver_now - flash[:notice] = t "user.confirm_resend.success", :email => user.email - else + user = User.find_by_display_name(params[:display_name]) + token = UserToken.find_by_token(session[:token]) + + if user.nil? || token.nil? || token.user != user flash[:error] = t "user.confirm_resend.failure", :name => params[:display_name] + else + Notifier.signup_confirm(user, user.tokens.create).deliver_now + flash[:notice] = t("user.confirm_resend.success", :email => user.email).html_safe end redirect_to :action => "login" @@ -494,7 +497,7 @@ class UserController < ApplicationController when "openid" email_verified = uid.match(%r{https://www.google.com/accounts/o8/id?(.*)}) || uid.match(%r{https://me.yahoo.com/(.*)}) - when "google" + when "google", "facebook" email_verified = true else email_verified = false @@ -622,7 +625,7 @@ class UserController < ApplicationController def failed_login(message) flash[:error] = message - redirect_to :action => "login", :referer => session[:referer] + redirect_to :action => "login", :referer => session[:referer] session.delete(:remember_me) session.delete(:referer) @@ -631,6 +634,8 @@ class UserController < ApplicationController ## # def unconfirmed_login(user) + session[:token] = user.tokens.create.token + redirect_to :action => "confirm", :display_name => user.display_name session.delete(:remember_me)