[#309] Set the back_url after sending a lost password so HTTP_REFERER isn't used
Contributed by Robert Chady
This commit is contained in:
parent
7f47401a03
commit
ed252f7246
|
@ -67,7 +67,7 @@ class AccountController < ApplicationController
|
||||||
if token.save
|
if token.save
|
||||||
Mailer.deliver_lost_password(token)
|
Mailer.deliver_lost_password(token)
|
||||||
flash[:notice] = l(:notice_account_lost_email_sent)
|
flash[:notice] = l(:notice_account_lost_email_sent)
|
||||||
redirect_to :action => 'login'
|
redirect_to :action => 'login', :back_url => home_url
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -77,7 +77,7 @@ class AccountTest < ActionController::IntegrationTest
|
||||||
assert_template "account/lost_password"
|
assert_template "account/lost_password"
|
||||||
|
|
||||||
post "account/lost_password", :mail => 'jSmith@somenet.foo'
|
post "account/lost_password", :mail => 'jSmith@somenet.foo'
|
||||||
assert_redirected_to "/login"
|
assert_redirected_to "/login?back_url=http%3A%2F%2Fwww.example.com%2F"
|
||||||
|
|
||||||
token = Token.find(:first)
|
token = Token.find(:first)
|
||||||
assert_equal 'recovery', token.action
|
assert_equal 'recovery', token.action
|
||||||
|
@ -144,6 +144,30 @@ class AccountTest < ActionController::IntegrationTest
|
||||||
log_user('newuser', 'newpass')
|
log_user('newuser', 'newpass')
|
||||||
end
|
end
|
||||||
|
|
||||||
|
should_eventually "login after losing password should redirect back to home" do
|
||||||
|
visit "/login"
|
||||||
|
assert_response :success
|
||||||
|
|
||||||
|
click_link "Lost password"
|
||||||
|
assert_response :success
|
||||||
|
|
||||||
|
# Lost password form
|
||||||
|
fill_in "mail", :with => "admin@somenet.foo"
|
||||||
|
click_button "Submit"
|
||||||
|
|
||||||
|
assert_response :success # back to login page
|
||||||
|
assert_equal "/login", current_path
|
||||||
|
|
||||||
|
fill_in "Login:", :with => 'admin'
|
||||||
|
fill_in "Password:", :with => 'test'
|
||||||
|
click_button "login"
|
||||||
|
|
||||||
|
assert_response :success
|
||||||
|
assert_equal "/", current_path
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
if Object.const_defined?(:Mocha)
|
if Object.const_defined?(:Mocha)
|
||||||
|
|
||||||
def test_onthefly_registration
|
def test_onthefly_registration
|
||||||
|
|
Loading…
Reference in New Issue