lino.jorzick/greenlight
1
0
Fork 0
forked from External/greenlight
Code Issues Pull Requests Projects Releases Wiki Activity

Fixed issue with account activation allowing it to be circumvented (#2324)

Browse Source
This commit is contained in:
Ahmad Farhat
2020-12-01 18:21:09 -05:00
committed by GitHub
parent 81907d0285
commit 95b86b167e
2 changed files with 12 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
spec/controllers/account_activations_controller_spec.rb
View File

@ -85,7 +85,7 @@ describe AccountActivationsController, type: :controller do
it "resends the email to the current user if the resend button is clicked" do
user = create(:user, email_verified: false, provider: "greenlight")
expect { get :resend, params: { token: user.create_activation_token } }
expect { get :resend, params: { digest: User.hash_token(user.create_activation_token) } }
.to change { ActionMailer::Base.deliveries.count }.by(1)
expect(flash[:success]).to be_present
expect(response).to redirect_to(root_path)
@ -94,7 +94,7 @@ describe AccountActivationsController, type: :controller do
it "redirects a verified user to the root path" do
user = create(:user, provider: "greenlight")
get :resend, params: { token: user.create_activation_token }
get :resend, params: { digest: User.hash_token(user.create_activation_token) }
expect(flash[:alert]).to be_present
expect(response).to redirect_to(root_path)