From 037e4f1c43a75226ad414d468ef4a09f36b20fba Mon Sep 17 00:00:00 2001
From: Ahmad Farhat <ahmad.af.farhat@gmail.com>
Date: Tue, 3 Mar 2020 14:43:10 -0500
Subject: [PATCH] Scoped reset password to provider (#978)

---
 app/controllers/password_resets_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/password_resets_controller.rb b/app/controllers/password_resets_controller.rb
index 715594e0..1b8098f6 100644
--- a/app/controllers/password_resets_controller.rb
+++ b/app/controllers/password_resets_controller.rb
@@ -32,7 +32,7 @@ class PasswordResetsController < ApplicationController
   def create
     begin
       # Check if user exists and throw an error if he doesn't
-      @user = User.find_by!(email: params[:password_reset][:email].downcase)
+      @user = User.find_by!(email: params[:password_reset][:email].downcase, provider: @user_domain)
 
       @user.create_reset_digest
       send_password_reset_email(@user)