mirror of
https://github.com/heartcombo/devise.git
synced 2022-11-09 12:18:31 -05:00
Ensure a new token is generated if the previous one expired
This commit is contained in:
José Valim
parent
f4db03d31c
commit
6e79c5c242
2 changed files with 21 additions and 8 deletions
|
|
@ -50,6 +50,12 @@ module Devise
|
||||||
# add errors
|
# add errors
|
||||||
def confirm!
|
def confirm!
|
||||||
pending_any_confirmation do
|
pending_any_confirmation do
|
||||||
|
if confirmation_period_expired?
|
||||||
|
self.errors.add(:email, :confirmation_period_expired,
|
||||||
|
:period => Devise::TimeInflector.time_ago_in_words(self.class.confirm_within.ago))
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
|
||||||
self.confirmation_token = nil
|
self.confirmation_token = nil
|
||||||
self.confirmed_at = Time.now.utc
|
self.confirmed_at = Time.now.utc
|
||||||
|
|
||||||
|
|
@ -86,7 +92,10 @@ module Devise
|
||||||
|
|
||||||
# Resend confirmation token. This method does not need to generate a new token.
|
# Resend confirmation token. This method does not need to generate a new token.
|
||||||
def resend_confirmation_token
|
def resend_confirmation_token
|
||||||
pending_any_confirmation { send_confirmation_instructions }
|
pending_any_confirmation do
|
||||||
|
self.confirmation_token = nil if confirmation_period_expired?
|
||||||
|
send_confirmation_instructions
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
# Overwrites active_for_authentication? for confirmation
|
# Overwrites active_for_authentication? for confirmation
|
||||||
|
|
@ -177,14 +186,8 @@ module Devise
|
||||||
|
|
||||||
# Checks whether the record requires any confirmation.
|
# Checks whether the record requires any confirmation.
|
||||||
def pending_any_confirmation
|
def pending_any_confirmation
|
||||||
expired = confirmation_period_expired?
|
if (!confirmed? || pending_reconfirmation?)
|
||||||
|
|
||||||
if (!confirmed? || pending_reconfirmation?) && !expired
|
|
||||||
yield
|
yield
|
||||||
elsif expired
|
|
||||||
self.errors.add(:email, :confirmation_period_expired,
|
|
||||||
:period => Devise::TimeInflector.time_ago_in_words(self.class.confirm_within.ago))
|
|
||||||
false
|
|
||||||
else
|
else
|
||||||
self.errors.add(:email, :already_confirmed)
|
self.errors.add(:email, :already_confirmed)
|
||||||
false
|
false
|
||||||
|
|
|
||||||
|
|
@ -259,6 +259,16 @@ class ConfirmableTest < ActiveSupport::TestCase
|
||||||
assert_not confirm_user_by_token_with_confirmation_sent_at(4.days.ago)
|
assert_not confirm_user_by_token_with_confirmation_sent_at(4.days.ago)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test 'should generate a new token if the previous one has expired' do
|
||||||
|
swap Devise, :confirm_within => 3.days do
|
||||||
|
user = create_user
|
||||||
|
user.update_attribute(:confirmation_sent_at, 4.days.ago)
|
||||||
|
old = user.confirmation_token
|
||||||
|
user.resend_confirmation_token
|
||||||
|
assert_not_equal user.confirmation_token, old
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
class ReconfirmableTest < ActiveSupport::TestCase
|
class ReconfirmableTest < ActiveSupport::TestCase
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue