Skip to content

Commit

Permalink
Merge pull request lynndylanhurley#411 from rmvenancio/404passreset
Browse files Browse the repository at this point in the history 
404 for invalid link with password reset token
  • Loading branch information
@lynndylanhurley
lynndylanhurley committed Oct 25, 2015
2 parents 5116e81 + 9869221 commit 8a7ee78
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 12 deletions.
8 changes: 1 addition & 7 deletions app/controllers/devise_token_auth/passwords_controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,7 @@ def edit
config: params[:config]
}))
else
render_edit_error
raise ActionController::RoutingError.new('Not Found')
end
end

Expand Down Expand Up @@ -179,12 +179,6 @@ def render_create_error
}, status: @error_status
end

def render_edit_error
render json: {
success: false
}, status: 404
end

def render_update_error_unauthorized
render json: {
success: false,
Expand Down
10 changes: 5 additions & 5 deletions test/controllers/devise_token_auth/passwords_controller_test.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,13 +123,13 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
end

describe 'password reset link failure' do
test 'respone should return 404' do
xhr :get, :edit, {
reset_password_token: 'bogus',
test 'response should return 404' do
assert_raises(ActionController::RoutingError) {
xhr :get, :edit, {
reset_password_token: "bogus",
redirect_url: @mail_redirect_url
}
}

assert_equal 404, response.status
end
end

Expand Down

0 comments on commit 8a7ee78

Please sign in to comment.