From ed6dfed67fa85c0a0a642ca418cae714bca9192d Mon Sep 17 00:00:00 2001 From: Gabe da Silveira Date: Fri, 29 Jul 2011 14:26:19 -0700 Subject: [PATCH] Resetting password should confirm implicitly --- lib/devise/models/recoverable.rb | 6 +++++- test/integration/recoverable_test.rb | 13 +++++++++++-- 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/lib/devise/models/recoverable.rb b/lib/devise/models/recoverable.rb index 6d002052..77c30736 100644 --- a/lib/devise/models/recoverable.rb +++ b/lib/devise/models/recoverable.rb @@ -29,7 +29,11 @@ module Devise def reset_password!(new_password, new_password_confirmation) self.password = new_password self.password_confirmation = new_password_confirmation - clear_reset_password_token if valid? + if valid? + clear_reset_password_token + confirm! if respond_to?(:confirmed?) && !confirmed? + end + save end diff --git a/test/integration/recoverable_test.rb b/test/integration/recoverable_test.rb index 5303aed6..5e7b00a4 100644 --- a/test/integration/recoverable_test.rb +++ b/test/integration/recoverable_test.rb @@ -174,8 +174,8 @@ class PasswordTest < ActionController::IntegrationTest assert warden.authenticated?(:user) end - test 'does not sign in user automatically after changing its password if its not active' do - user = create_user(:confirm => false) + test 'does not sign in user automatically after changing its password if its locked' do + user = create_user(:locked => true) request_forgot_password reset_password :reset_password_token => user.reload.reset_password_token @@ -183,6 +183,15 @@ class PasswordTest < ActionController::IntegrationTest assert !warden.authenticated?(:user) end + test 'sign in user automatically and confirm after changing its password if its not confirmed' do + user = create_user(:confirm => false) + request_forgot_password + reset_password :reset_password_token => user.reload.reset_password_token + + assert warden.authenticated?(:user) + assert user.reload.confirmed? + end + test 'reset password request with valid E-Mail in XML format should return valid response' do create_user post user_password_path(:format => 'xml'), :user => {:email => "user@test.com"}