X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/f4571eeb7cb4f920bb5d642c9e1c37c9495fc6ba..b34b89845122aff079af055f5adfc909c1e6ac9e:/app/controllers/user_controller.rb diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index c3ab012e3..bea700331 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -8,6 +8,8 @@ class UserController < ApplicationController before_filter :check_database_readable, :except => [:api_details, :api_gpx_files] before_filter :check_database_writable, :only => [:login, :new, :set_home, :account, :go_public, :make_friend, :remove_friend, :upload_image, :delete_image] before_filter :check_api_readable, :only => [:api_details, :api_gpx_files] + before_filter :require_allow_read_prefs, :only => [:api_details] + before_filter :require_allow_read_gpx, :only => [:api_gpx_files] filter_parameter_logging :password, :pass_crypt, :pass_crypt_confirmation @@ -27,7 +29,7 @@ class UserController < ApplicationController if @user.save flash[:notice] = t 'user.new.flash create success message' - Notifier.deliver_signup_confirm(@user, @user.tokens.create) + Notifier.deliver_signup_confirm(@user, @user.tokens.create(:referer => params[:referer])) redirect_to :action => 'login' else render :action => 'new' @@ -37,6 +39,7 @@ class UserController < ApplicationController def account @title = t 'user.account.title' + @tokens = @user.oauth_tokens.find :all, :conditions => 'oauth_tokens.invalidated_at is null and oauth_tokens.authorized_at is not null' if params[:user] and params[:user][:display_name] and params[:user][:description] if params[:user][:email] != @user.email @@ -95,9 +98,9 @@ class UserController < ApplicationController if user token = user.tokens.create Notifier.deliver_lost_password(user, token) - flash[:notice] = t 'user.lost_password.notice email on way' + @notice = t 'user.lost_password.notice email on way' else - flash[:notice] = t 'user.lost_password.notice email cannot find' + @notice = t 'user.lost_password.notice email cannot find' end end end @@ -105,25 +108,29 @@ class UserController < ApplicationController def reset_password @title = t 'user.reset_password.title' - if params['token'] + if params[:token] token = UserToken.find_by_token(params[:token]) + if token - pass = OSM::make_token(8) - user = token.user - user.pass_crypt = pass - user.pass_crypt_confirmation = pass - user.active = true - user.email_valid = true - user.save! - token.destroy - Notifier.deliver_reset_password(user, pass) - flash[:notice] = t 'user.reset_password.flash changed check mail' + @user = token.user + + if params[:user] + @user.pass_crypt = params[:user][:pass_crypt] + @user.pass_crypt_confirmation = params[:user][:pass_crypt_confirmation] + @user.active = true + @user.email_valid = true + + if @user.save + token.destroy + flash[:notice] = t 'user.reset_password.flash changed' + redirect_to :action => 'login' + end + end else flash[:notice] = t 'user.reset_password.flash token bad' + redirect_to :action => 'lost_password' end end - - redirect_to :action => 'login' end def new @@ -191,10 +198,15 @@ class UserController < ApplicationController @user.active = true @user.email_valid = true @user.save! + referer = token.referer token.destroy flash[:notice] = t 'user.confirm.success' session[:user] = @user.id - redirect_to :action => 'account', :display_name => @user.display_name + unless referer.nil? + redirect_to referer + else + redirect_to :action => 'account', :display_name => @user.display_name + end else @notice = t 'user.confirm.failure' end