diff options
author | nullkal <nullkal@users.noreply.github.com> | 2017-08-04 00:45:45 +0900 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2017-08-03 17:45:45 +0200 |
commit | dfcd2834f9589bda573eb133057588f351f570b5 (patch) | |
tree | bb6515cc278cab6e00ca9a607eebedee1a47e57e /app/controllers/auth | |
parent | 09e86ef90b1e220bca54b5b3cb270d7672237c13 (diff) |
Redirect to PasswordController#new when reset_password_token is invalid (#4506)
Diffstat (limited to 'app/controllers/auth')
-rw-r--r-- | app/controllers/auth/passwords_controller.rb | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/app/controllers/auth/passwords_controller.rb b/app/controllers/auth/passwords_controller.rb index 54ee1c39c..171b997dc 100644 --- a/app/controllers/auth/passwords_controller.rb +++ b/app/controllers/auth/passwords_controller.rb @@ -1,5 +1,20 @@ # frozen_string_literal: true class Auth::PasswordsController < Devise::PasswordsController + before_action :check_validity_of_reset_password_token, only: :edit + layout 'auth' + + private + + def check_validity_of_reset_password_token + unless reset_password_token_is_valid? + flash[:error] = I18n.t('auth.invalid_reset_password_token') + redirect_to new_password_path(resource_name) + end + end + + def reset_password_token_is_valid? + resource_class.with_reset_password_token(params[:reset_password_token]).present? + end end |