Commit 9df14763 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'rs-issue-1942' into 'master'

Upon successful login, clear `reset_password_token` field

Closes #1942

See merge request !1757
parents 0e09cb28 57afaf9d
...@@ -26,6 +26,12 @@ class SessionsController < Devise::SessionsController ...@@ -26,6 +26,12 @@ class SessionsController < Devise::SessionsController
end end
def create def create
super super do |resource|
# User has successfully signed in, so clear any unused reset tokens
if resource.reset_password_token.present?
resource.update_attributes(reset_password_token: nil,
reset_password_sent_at: nil)
end
end
end end
end end
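Review bot: The return value of `resource.update_attributes(...)` inside the `create` block is ignored, so if the user record fails validation for an unrelated reason, the sign-in still succeeds while the reset token stays usable. Because this is security cleanup rather than a user edit, a write that does not depend on validations would be more dependable, e.g. `resource.update_columns(reset_password_token: nil, reset_password_sent_at: nil)`, or at minimum log when the update returns false. The block presumably runs only for sign-ins handled by this controller, so any other sign-in path (none is visible here) would leave the token in place. The `SessionsController` class body starts above the hunk.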
require 'spec_helper' require 'spec_helper'
describe 'Users', feature: true do feature 'Users' do
describe "GET /users/sign_in" do around do |ex|
it "should create a new user account" do old_url_options = Rails.application.routes.default_url_options
Rails.application.routes.default_url_options = { host: 'example.foo' }
ex.run
Rails.application.routes.default_url_options = old_url_options
end
scenario 'GET /users/sign_in creates a new user account' do
visit new_user_session_path visit new_user_session_path
fill_in "user_name", with: "Name Surname" fill_in 'user_name', with: 'Name Surname'
fill_in "user_username", with: "Great" fill_in 'user_username', with: 'Great'
fill_in "user_email", with: "name@mail.com" fill_in 'user_email', with: 'name@mail.com'
fill_in "user_password_sign_up", with: "password1234" fill_in 'user_password_sign_up', with: 'password1234'
expect { click_button "Sign up" }.to change { User.count }.by(1) expect { click_button 'Sign up' }.to change { User.count }.by(1)
end end
scenario 'Successful user signin invalidates password reset token' do
user = create(:user)
expect(user.reset_password_token).to be_nil
visit new_user_password_path
fill_in 'user_email', with: user.email
click_button 'Reset password'
user.reload
expect(user.reset_password_token).not_to be_nil
login_with(user)
expect(current_path).to eq root_path
user.reload
expect(user.reset_password_token).to be_nil
end end
end end
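Review bot: The new scenario 'Successful user signin invalidates password reset token' asserts only that `reset_password_token` is nil after login, while the controller change also clears `reset_password_sent_at`. Adding `expect(user.reset_password_sent_at).to be_nil` after the final `user.reload` would pin both fields. The `around` hook overrides `Rails.application.routes.default_url_options` for every scenario in the file without saying why. If the host is needed for links in the reset e-mail, a one-line comment such as `# reset e-mail links need a host` above the assignment would make that clear.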