From d185e2f9e01581ea3d981648cfdd5c4d37209426 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Sun, 4 Feb 2007 15:55:29 +0000 Subject: [PATCH] lost_password option checking in account controller git-svn-id: http://redmine.rubyforge.org/svn/trunk@236 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/controllers/account_controller.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb index 3712ef7e..e561e151 100644 --- a/app/controllers/account_controller.rb +++ b/app/controllers/account_controller.rb @@ -22,7 +22,7 @@ class AccountController < ApplicationController # prevents login action to be filtered by check_if_login_required application scope filter skip_before_filter :check_if_login_required, :only => [:login, :lost_password, :register] - before_filter :require_login, :except => [:show, :login, :lost_password, :register] + before_filter :require_login, :only => :logout # Show user's account def show @@ -57,6 +57,7 @@ class AccountController < ApplicationController # Enable user to choose a new password def lost_password + redirect_to :controller => 'welcome' and return unless Setting.lost_password? if params[:token] @token = Token.find_by_action_and_value("recovery", params[:token]) redirect_to :controller => 'welcome' and return unless @token and !@token.expired?