GRN-94: Make sure reset-password also works on non-verified accounts (#448)

* Fix for issue with excesive requests to lb * Fixed issue with rspec on users not passing when run alone * Include dotenv in production * GRN-94: Make sure reset-password also works on non-verified accounts

GRN-94: Make sure reset-password also works on non-verified accounts (#448)
3dea09ee · Jesus Federico · GitHub · 2b0301da · 3dea09ee · 3dea09ee
Unverified Commit 3dea09ee authored Apr 10, 2019 by Jesus Federico Committed by GitHub Apr 10, 2019
--- a/app/controllers/password_resets_controller.rb
+++ b/app/controllers/password_resets_controller.rb
@@ -84,7 +84,8 @@ class PasswordResetsController < ApplicationController
  # Confirms a valid user.
  def valid_user
-    unless current_user&.activated? && current_user.authenticated?(:reset, params[:id])
+    unless current_user.authenticated?(:reset, params[:id])
+      current_user&.activate unless current_user&.activated?
      redirect_to root_url
    end
  end

--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -127,6 +127,7 @@ class User < ApplicationRecord
  def activate
    update_attribute(:email_verified, true)
    update_attribute(:activated_at, Time.zone.now)
+    save
  end
  def activated?