From 620416f18ad4ed2ef374791a3187503df4e040c5 Mon Sep 17 00:00:00 2001
From: Ahmad Farhat
Date: Tue, 4 Aug 2020 14:04:47 -0400
Subject: [PATCH] Fixed issue causing account verify to throw 404 (#1987)
---
 app/controllers/account_activations_controller.rb | 7 ++++++-
 app/controllers/rooms_controller.rb | 2 +-
 app/controllers/sessions_controller.rb | 2 +-
 spec/controllers/account_activations_controller_spec.rb | 3 ++-
 spec/controllers/sessions_controller_spec.rb | 2 +-
 5 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/app/controllers/account_activations_controller.rb b/app/controllers/account_activations_controller.rb
index 2a08afa2..3956b3bb 100644
--- a/app/controllers/account_activations_controller.rb
+++ b/app/controllers/account_activations_controller.rb
@@ -20,7 +20,8 @@ class AccountActivationsController < ApplicationController
 include Emailer
 before_action :ensure_unauthenticated
- before_action :find_user
+ before_action :find_user, except: :show
+ before_action :find_user_by_digest, only: :show
 # GET /account_activations
 def show
@@ -63,6 +64,10 @@ class AccountActivationsController < ApplicationController
 @user = User.find_by!(activation_digest: User.hash_token(params[:token]), provider: @user_domain)
 end
+ def find_user_by_digest
+ @user = User.find_by!(activation_digest: params[:digest], provider: @user_domain)
+ end
+
 def ensure_unauthenticated
 redirect_to current_user.main_room if current_user
 end
diff --git a/app/controllers/rooms_controller.rb b/app/controllers/rooms_controller.rb
index 7624eb81..a67ce136 100644
--- a/app/controllers/rooms_controller.rb
+++ b/app/controllers/rooms_controller.rb
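Review bot: The `except: :show` / `only: :show` split in the filter list of account_activations_controller.rb changes what `show` trusts, and nothing in the controller records it: `show` now locates the account by the stored `activation_digest` instead of by a token that is hashed before lookup. I would add a comment above the two filters such as `# show looks the user up by activation_digest, an identifier and not proof of mailbox ownership; every action that activates must stay on find_user`. The body of `show` lies outside this hunk, so what it reveals or permits for a digest-identified user should be checked against that comment.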
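Review bot: `find_user_by_digest` passes `params[:digest]` straight into `find_by!`, so a request without the parameter queries `activation_digest: nil`, which Active Record turns into an `IS NULL` match and would return the first row in the provider with no digest instead of a 404. A non-string value (`digest[]=...`) likewise becomes an `IN` lookup. Reject both before the query, e.g. `raise ActiveRecord::RecordNotFound unless params[:digest].is_a?(String) && params[:digest].present?`. Whether rows with a NULL digest exist is not visible here, but the spec in this commit has to call `create_activation_token` before reading the digest, which suggests they do.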
@@ -371,7 +371,7 @@ class RoomsController < ApplicationController
 end
 def validate_verified_email
- redirect_to account_activation_path(current_user) if current_user && !current_user&.activated?
+ redirect_to account_activation_path(digest: current_user.activation_digest) if current_user && !current_user&.activated?
 end
 def verify_room_owner_verified
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index c3db89c5..eaa5e5ea 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -88,7 +88,7 @@ class SessionsController < ApplicationController
 # Check that the user is a Greenlight account
 return redirect_to(root_path, alert: I18n.t("invalid_login_method")) unless user.greenlight_account?
 # Check that the user has verified their account
- return redirect_to(account_activation_path(token: user.create_activation_token)) unless user.activated?
+ return redirect_to(account_activation_path(digest: user.activation_digest)) unless user.activated?
 end
 login(user)
diff --git a/spec/controllers/account_activations_controller_spec.rb b/spec/controllers/account_activations_controller_spec.rb
index 9a78abb0..5b7bbe37 100644
--- a/spec/controllers/account_activations_controller_spec.rb
+++ b/spec/controllers/account_activations_controller_spec.rb
@@ -34,8 +34,9 @@ describe AccountActivationsController, type: :controller do
 it "renders the verify view if the user is not signed in and is not verified" do
 user = create(:user, email_verified: false, provider: "greenlight")
+ user.create_activation_token
- get :show, params: { token: user.create_activation_token }
+ get :show, params: { digest: user.activation_digest }
 expect(response).to render_template(:show)
 end
diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb
index 643a1ac5..ec80de43 100644
--- a/spec/controllers/sessions_controller_spec.rb
+++ b/spec/controllers/sessions_controller_spec.rb
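Review bot: `current_user.activation_digest` in `validate_verified_email` can presumably be nil for an account that never had a token generated, and the redirect is then built without a usable digest; the sessions_controller.rb hunk has the same exposure now that it no longer calls `create_activation_token`. Make sure a digest exists before redirecting, for example `current_user.create_activation_token if current_user.activation_digest.blank?` (assuming that method persists the digest, as the spec change implies). The digest also now travels in redirect URLs, and so ends up in browser history, proxy logs and Referer headers, which is worth a comment stating that it must never be accepted as proof of verification. As a style point, the `&.` in `!current_user&.activated?` is redundant after the `current_user &&` guard.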
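Review bot: The updated example in account_activations_controller_spec.rb covers only the happy path; nothing exercises `show` with a missing or unknown `digest`. I would add examples along the lines of `get :show, params: { digest: "unknown" }` and a bare `get :show`, each expecting a not-found outcome. How this controller surfaces `RecordNotFound` in controller specs is not visible here, so the exact expectation has to follow the existing examples in the file.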
@@ -144,7 +144,7 @@ describe SessionsController, type: :controller do
 expect(@request.session[:user_id]).to be_nil
 # Expect to redirect to activation path since token is not known here
- expect(response.location.start_with?(account_activation_url(token: ""))).to be true
+ expect(response.location.start_with?(account_activation_url(digest: @user3.activation_digest))).to be true
 end
 it "should not login user if account is deleted" do
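Review bot: The `start_with?` assertion passes vacuously if `@user3.activation_digest` is nil, because the expected URL then collapses to the bare activation URL, which is a prefix of any redirect to that route. Assert the value and the full location instead, e.g. `expect(@user3.activation_digest).to be_present` followed by `expect(response).to redirect_to(account_activation_url(digest: @user3.activation_digest))`. The comment above it ("token is not known here") is stale now that the digest is known and compared. How `@user3` is set up is outside this hunk.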