cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
13925 commits 4 branches 1 tag 499 MiB
Commit graph

8 commits

Author SHA1 Message Date
Andy Allan
0a10ac2e9b
Merge pull request #4550 from tomhughes/drop-user-tokens 
Drop user tokens table
 2024-03-07 13:51:44 +00:00
Andy Allan
4e237db390 Be paranoid when sending password reset emails 
This implements what is known as "paranoid" password reset flash
messages (using the terminology from Devise). It avoids revealing
whether the supplied email address is already registered.

Added an explicit test for this situation, so that the test for
email non-existance is separate from the duplicate-case tests.
 2024-03-02 15:48:54 +00:00
Tom Hughes
29cc21c599 Drop user tokens table 2024-02-28 21:02:54 +00:00
Tom Hughes
b8fad531e4 Use rails tokens for password resets 2024-02-24 13:23:19 +00:00
Andy Allan
4bca24a7be Resourceful routing for passwords 
This also matches the routes used by devise
 2023-12-06 18:41:00 +00:00
Tom Hughes
dc28f1dccc Fix new rubocop warnings 2022-11-22 18:32:02 +00:00
Andy Allan
1a11c4dc19 Use a state machine for user status 
The user status is a bit complex, since there are various states and
not all transitions between them make sense.

Using AASM means that we can name and restrict the transitions, which
hopefully makes them easier to reason about.
 2022-01-12 18:16:14 +00:00
Andy Allan
7a66c6d4eb Split password reset functionality into PasswordsController 2021-04-07 16:05:28 +01:00