password recovery refactoring and tests

2021-03-21 14:44:59 +01:00 · 2021-03-21 14:44:59 +01:00 · 39a89ad564
commit 39a89ad564
parent a69df8e658
5 changed files with 98 additions and 16 deletions
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -11,7 +11,10 @@ class UsersController < ApplicationController

  def password_recovery_request
    @user = User.where(email: params['email']).first
-    UserMailer.with(user: @user).password_recovery.deliver_now
+    recovery_password = ('a'..'z').to_a.shuffle[0,8].join
+    @user.recovery_password = recovery_password
+    @user.save
+    UserMailer.with(user: @user, recovery_password: recovery_password).password_recovery.deliver_now
    redirect_to '/welcome', notice: "Recovery email sent to #{params['email']}"
  end

@ -35,7 +38,7 @@ class UsersController < ApplicationController
        redirect_to '/welcome', notice: 'Passwords don\'t match'
      end
    else
-      redirect_to '/welcome', notice: 'Recovery link expired or unvalid'
+      redirect_to '/welcome', notice: 'Recovery link expired or invalid'
    end
  end
 end
--- a/app/mailers/user_mailer.rb
+++ b/app/mailers/user_mailer.rb
@ -1,10 +1,8 @@
 class UserMailer < ApplicationMailer
  def password_recovery
    @user = params[:user]
-    recovery_password = ('a'..'z').to_a.shuffle[0,8].join
-    @user.recovery_password = recovery_password
-    @user.save
-    @url  = "http://localhost:18210/recover_password/#{@user.id}/#{recovery_password}"
+    @recovery_password = params[:recovery_password]
+    @url = "http://localhost:18210/recover_password/#{@user.id}/#{@recovery_password}"
    mail(to: @user.email, subject: 'Password recovery')
  end
 end