From 242a4a1aee96fb145e5e0394962e5057bcb59d92 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Fri, 12 Jan 2024 17:41:13 +0000 Subject: [PATCH 1/1] Include both copies of the password in the saved user This allows is to go back to hashing passwords when the user is saved. Fixes #4474 --- app/controllers/users_controller.rb | 4 ++-- app/models/user.rb | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 961be4024..ab13f93be 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -104,11 +104,11 @@ class UsersController < ApplicationController render :action => "new" elsif current_user.auth_provider.present? # Verify external authenticator before moving on - session[:new_user] = current_user.attributes.slice("email", "display_name", "pass_crypt") + session[:new_user] = current_user.slice("email", "display_name", "pass_crypt", "pass_crypt_confirmation") redirect_to auth_url(current_user.auth_provider, current_user.auth_uid), :status => :temporary_redirect else # Save the user record - session[:new_user] = current_user.attributes.slice("email", "display_name", "pass_crypt") + session[:new_user] = current_user.slice("email", "display_name", "pass_crypt", "pass_crypt_confirmation") redirect_to :action => :terms end end diff --git a/app/models/user.rb b/app/models/user.rb index 5790d81e5..bc95f20c1 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -119,7 +119,6 @@ class User < ApplicationRecord alias_attribute :created_at, :creation_time - after_initialize :encrypt_password before_save :encrypt_password before_save :update_tile after_save :spam_check -- 2.39.5