X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/4e237db3902fd9cd9d2f55131c8bba2e830e87fd..ae87d2ca7f602cd6005efb2ad41f2c580eb6406f:/app/controllers/passwords_controller.rb

diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb
index 25b2b9607..26b21b6d9 100644
--- a/app/controllers/passwords_controller.rb
+++ b/app/controllers/passwords_controller.rb
@@ -19,8 +19,7 @@ class PasswordsController < ApplicationController
     @title = t ".title"
 
     if params[:token]
-      self.current_user = User.find_by_token_for(:password_reset, params[:token]) ||
-                          UserToken.unexpired.find_by(:token => params[:token])&.user
+      self.current_user = User.find_by_token_for(:password_reset, params[:token])
 
       if current_user.nil?
         flash[:error] = t ".flash token bad"
@@ -51,8 +50,7 @@ class PasswordsController < ApplicationController
 
   def update
     if params[:token]
-      self.current_user = User.find_by_token_for(:password_reset, params[:token]) ||
-                          UserToken.unexpired.find_by(:token => params[:token])&.user
+      self.current_user = User.find_by_token_for(:password_reset, params[:token])
 
       if current_user
         if params[:user]
@@ -62,7 +60,6 @@ class PasswordsController < ApplicationController
           current_user.email_valid = true
 
           if current_user.save
-            UserToken.delete_by(:token => params[:token])
             session[:fingerprint] = current_user.fingerprint
             flash[:notice] = t ".flash changed"
             successful_login(current_user)