# Offense count: 26
# Configuration parameters: CountComments, CountAsOne.
Metrics/ClassLength:
- Max: 305
+ Max: 307
# Offense count: 59
# Configuration parameters: AllowedMethods, AllowedPatterns.
@title = t ".title"
if params[:token]
- token = UserToken.find_by(:token => params[:token])
+ self.current_user = User.find_by_token_for(:password_reset, params[:token]) ||
+ UserToken.unexpired.find_by(:token => params[:token])&.user
- if token
- self.current_user = token.user
- else
+ if current_user.nil?
flash[:error] = t ".flash token bad"
redirect_to :action => "new"
end
end
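Review bot: The two-step token lookup added here is repeated verbatim in `update`, so the signed-token path and the legacy `UserToken.unexpired` fallback can drift apart when one action is edited later. Moving the expression into one private helper, e.g. `def user_from_reset_token(token)` returning `User.find_by_token_for(:password_reset, token) || UserToken.unexpired.find_by(:token => token)&.user`, keeps both actions on the same acceptance rules. A comment on that helper should say that the `UserToken` branch exists only for links issued before this change and can be removed once those rows have expired. The enclosing action starts above this hunk.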
if user
- token = user.tokens.create
+ token = user.generate_token_for(:password_reset)
UserMailer.lost_password(user, token).deliver_later
flash[:notice] = t ".notice email on way"
redirect_to login_path
def update
if params[:token]
- token = UserToken.find_by(:token => params[:token])
-
- if token
- self.current_user = token.user
+ self.current_user = User.find_by_token_for(:password_reset, params[:token]) ||
+ UserToken.unexpired.find_by(:token => params[:token])&.user
+ if current_user
if params[:user]
current_user.pass_crypt = params[:user][:pass_crypt]
current_user.pass_crypt_confirmation = params[:user][:pass_crypt_confirmation]
current_user.email_valid = true
if current_user.save
- token.destroy
+ UserToken.delete_by(:token => params[:token])
session[:fingerprint] = current_user.fingerprint
flash[:notice] = t ".flash changed"
successful_login(current_user)
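Review bot: After a successful save, `UserToken.delete_by(:token => params[:token])` removes only a legacy row that matches the presented value, so a signed token is never explicitly revoked. It stops working only because the `generates_token_for` block value changes, and any other unexpired legacy rows for the same user remain usable after the password has been changed. If the `tokens` association seen on the removed `user.tokens.create` line is still defined and holds only reset tokens, `current_user.tokens.delete_all` here would close that window. If the table also carries other token kinds, scope the delete accordingly. A short comment stating that signed tokens are invalidated by the fingerprint change would make the single-use guarantee explicit. The rest of `update` lies outside this hunk.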
def lost_password(user, token)
with_recipient_locale user do
- @url = user_reset_password_url(:token => token.token)
+ @url = user_reset_password_url(:token => token)
mail :to => user.email,
:subject => t(".subject")
before_save :update_tile
after_save :spam_check
+ generates_token_for :password_reset, :expires_in => 1.week do
+ fingerprint
+ end
+
def display_name_cannot_be_user_id_with_other_id
display_name&.match(/^user_(\d+)$/i) do |m|
errors.add :display_name, I18n.t("activerecord.errors.messages.display_name_is_user_n") unless m[1].to_i == id
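Review bot: The `generates_token_for :password_reset` declaration carries the whole revocation story for the new tokens but has no comment explaining it. The block's return value is embedded in the token and re-checked at lookup, so a reset link is single-use only if `fingerprint` changes whenever `pass_crypt` changes. The definition of `fingerprint` is not visible in this hunk, so that dependency should be confirmed and written down. Suggested comment above the declaration: `# Tokens embed fingerprint and stop verifying once it changes; fingerprint must cover pass_crypt.` The class body continues outside this hunk.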
assert_redirected_to :action => :new
# Create a valid token for a user
- token = user.tokens.create
+ token = user.generate_token_for(:password_reset)
# Test a request with a valid token
- get user_reset_password_path, :params => { :token => token.token }
+ get user_reset_password_path, :params => { :token => token }
assert_response :success
assert_template :edit
# Test that errors are reported for erroneous submissions
- post user_reset_password_path, :params => { :token => token.token, :user => { :pass_crypt => "new_password", :pass_crypt_confirmation => "different_password" } }
+ post user_reset_password_path, :params => { :token => token, :user => { :pass_crypt => "new_password", :pass_crypt_confirmation => "different_password" } }
assert_response :success
assert_template :edit
assert_select "div.invalid-feedback"
# Test setting a new password
- post user_reset_password_path, :params => { :token => token.token, :user => { :pass_crypt => "new_password", :pass_crypt_confirmation => "new_password" } }
+ post user_reset_password_path, :params => { :token => token, :user => { :pass_crypt => "new_password", :pass_crypt_confirmation => "new_password" } }
assert_response :redirect
assert_redirected_to root_path
assert_equal user.id, session[:user]
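Review bot: The updated test never checks that the token is rejected after the password has been changed, which is the property the new stateless tokens depend on. After the final assertions, a reuse check such as `get user_reset_password_path, :params => { :token => token }` followed by `assert_redirected_to :action => :new` would pin that behaviour. The legacy `UserToken.unexpired` fallback kept in the controller is also not exercised in the visible lines, so a case with a pre-existing `UserToken` row and one with an expired token would be worth adding. The test method appears to continue outside this hunk.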