FIX: respond with proper error message if user not found
This commit is contained in:
parent
539f1c6252
commit
10cc698df3
|
@ -545,12 +545,22 @@ class UsersController < ApplicationController
|
|||
}
|
||||
end
|
||||
else
|
||||
render json: {
|
||||
is_developer: UsernameCheckerService.is_developer?(@user&.email),
|
||||
admin: @user&.admin?,
|
||||
second_factor_required: !valid_second_factor,
|
||||
backup_enabled: @user&.backup_codes_enabled?
|
||||
}
|
||||
if @error || @user&.errors&.any?
|
||||
render json: {
|
||||
success: false,
|
||||
message: @error,
|
||||
errors: @user&.errors&.to_hash,
|
||||
is_developer: UsernameCheckerService.is_developer?(@user&.email),
|
||||
admin: @user&.admin?
|
||||
}
|
||||
else
|
||||
render json: {
|
||||
is_developer: UsernameCheckerService.is_developer?(@user.email),
|
||||
admin: @user.admin?,
|
||||
second_factor_required: !valid_second_factor,
|
||||
backup_enabled: @user.backup_codes_enabled?
|
||||
}
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -122,11 +122,9 @@ describe UsersController do
|
|||
end
|
||||
|
||||
context 'missing token' do
|
||||
before do
|
||||
get "/u/password-reset/#{token}"
|
||||
end
|
||||
|
||||
it 'disallows login' do
|
||||
get "/u/password-reset/#{token}"
|
||||
|
||||
expect(response.status).to eq(200)
|
||||
|
||||
expect(CGI.unescapeHTML(response.body))
|
||||
|
@ -138,6 +136,14 @@ describe UsersController do
|
|||
|
||||
expect(session[:current_user_id]).to be_blank
|
||||
end
|
||||
|
||||
it "responds with proper error message" do
|
||||
get "/u/password-reset/#{token}.json"
|
||||
|
||||
expect(response.status).to eq(200)
|
||||
expect(JSON.parse(response.body)["message"]).to eq(I18n.t('password_reset.no_token'))
|
||||
expect(session[:current_user_id]).to be_blank
|
||||
end
|
||||
end
|
||||
|
||||
context 'invalid token' do
|
||||
|
|
Loading…
Reference in New Issue