FIX: respond with proper error message if user not found

This commit is contained in:
Arpit Jalan 2018-11-21 10:47:37 +05:30
parent 539f1c6252
commit 10cc698df3
2 changed files with 26 additions and 10 deletions

View File

@ -545,12 +545,22 @@ class UsersController < ApplicationController
} }
end end
else else
if @error || @user&.errors&.any?
render json: { render json: {
success: false,
message: @error,
errors: @user&.errors&.to_hash,
is_developer: UsernameCheckerService.is_developer?(@user&.email), is_developer: UsernameCheckerService.is_developer?(@user&.email),
admin: @user&.admin?, admin: @user&.admin?
second_factor_required: !valid_second_factor,
backup_enabled: @user&.backup_codes_enabled?
} }
else
render json: {
is_developer: UsernameCheckerService.is_developer?(@user.email),
admin: @user.admin?,
second_factor_required: !valid_second_factor,
backup_enabled: @user.backup_codes_enabled?
}
end
end end
end end
end end

View File

@ -122,11 +122,9 @@ describe UsersController do
end end
context 'missing token' do context 'missing token' do
before do
get "/u/password-reset/#{token}"
end
it 'disallows login' do it 'disallows login' do
get "/u/password-reset/#{token}"
expect(response.status).to eq(200) expect(response.status).to eq(200)
expect(CGI.unescapeHTML(response.body)) expect(CGI.unescapeHTML(response.body))
@ -138,6 +136,14 @@ describe UsersController do
expect(session[:current_user_id]).to be_blank expect(session[:current_user_id]).to be_blank
end end
it "responds with proper error message" do
get "/u/password-reset/#{token}.json"
expect(response.status).to eq(200)
expect(JSON.parse(response.body)["message"]).to eq(I18n.t('password_reset.no_token'))
expect(session[:current_user_id]).to be_blank
end
end end
context 'invalid token' do context 'invalid token' do