[#10752] set email verified after password reset

2024-09-06 12:06:05 +02:00 · 2024-09-06 12:06:05 +02:00 · 9e843a3df4
commit 9e843a3df4
parent 9fd53b182a
2 changed files with 21 additions and 0 deletions
--- a/app/controllers/users/passwords_controller.rb
+++ b/app/controllers/users/passwords_controller.rb
@ -5,6 +5,7 @@ class Users::PasswordsController < Devise::PasswordsController

  after_action :try_to_authenticate_instructeur, only: [:update]
  after_action :try_to_authenticate_administrateur, only: [:update]
+  after_action :update_email_verified_at, only: [:update]

  # GET /resource/password/new
  # def new
@ -62,4 +63,10 @@ class Users::PasswordsController < Devise::PasswordsController
      end
    end
  end
+
+  def update_email_verified_at
+    if user_signed_in?
+      current_user.update!(email_verified_at: Time.zone.now)
+    end
+  end
 end
--- a/spec/controllers/users/passwords_controller_spec.rb
+++ b/spec/controllers/users/passwords_controller_spec.rb
@ -38,6 +38,20 @@ describe Users::PasswordsController, type: :controller do
        expect(subject.current_user).to eq(user)
        expect(subject.current_administrateur).to eq(administrateur)
      end
+
+      it "marks user's email as verified" do
+        expect(user.email_verified_at).to be_nil
+
+        put :update, params: {
+          user: {
+            reset_password_token: @token,
+            password: "mot de passe super secret",
+            password_confirmation: "mot de passe super secret"
+          }
+        }
+
+        expect(user.reload.email_verified_at).to be_present
+      end
    end
  end