Browse Source

Reset password validation (#125)

* Add email validation to reset password form

* Revert extracting CSS file by default since it messes with tests

* Add label to change password

* Error summary should be above title
pull/130/head
Daniel Baark 3 years ago committed by GitHub
parent
commit
5b1c5db28d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 5
      app/controllers/helpers/email.rb
  2. 15
      app/controllers/users/passwords_controller.rb
  3. 8
      app/controllers/users/sessions_controller.rb
  4. 3
      app/views/devise/passwords/new.html.erb
  5. 1
      app/views/devise/registrations/edit.html.erb
  6. 2
      config/webpacker.yml
  7. 15
      spec/features/user_spec.rb

5
app/controllers/helpers/email.rb

@ -0,0 +1,5 @@
module Helpers::Email
def email_valid?(email)
email =~ URI::MailTo::EMAIL_REGEXP
end
end

15
app/controllers/users/passwords_controller.rb

@ -1,8 +1,19 @@
class Users::PasswordsController < Devise::PasswordsController
include Helpers::Email
def reset_confirmation
self.resource = resource_class.new
@email = params["email"]
flash[:notice] = "Reset password instructions have been sent to #{@email}"
render "devise/confirmations/reset"
if @email.empty?
resource.errors.add :email, "Enter an email address"
render "devise/passwords/new", status: :unprocessable_entity
elsif !email_valid?(@email)
resource.errors.add :email, "Enter an email address in the correct format, like name@example.com"
render "devise/passwords/new", status: :unprocessable_entity
else
flash[:notice] = "Reset password instructions have been sent to #{@email}"
render "devise/confirmations/reset"
end
end
def create

8
app/controllers/users/sessions_controller.rb

@ -1,4 +1,6 @@
class Users::SessionsController < Devise::SessionsController
include Helpers::Email
def create
self.resource = resource_class.new
if params.dig("user", "email").empty?
@ -15,10 +17,4 @@ class Users::SessionsController < Devise::SessionsController
super
end
end
private
def email_valid?(email)
email =~ URI::MailTo::EMAIL_REGEXP
end
end

3
app/views/devise/passwords/new.html.erb

@ -8,8 +8,9 @@
<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post }) do |f| %>
<div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds">
<%= f.govuk_error_summary %>
<h1 class="govuk-heading-l">Reset password</h1>
<%= render "devise/shared/error_messages", resource: resource %>
<p class="govuk-body">Enter the email address you used to create your account.</p>
<p class="govuk-body">We’ll email you a link to reset your password. This link will expire in 3 hours.</p>

1
app/views/devise/registrations/edit.html.erb

@ -11,6 +11,7 @@
<h1 class="govuk-heading-l">Change your password</h1>
<%= f.govuk_password_field :current_password,
label: { text: "Current password" },
autocomplete: "current-password"
%>

2
config/webpacker.yml

@ -16,7 +16,7 @@ default: &default
cache_manifest: false
# Extract and emit a css file
extract_css: true
extract_css: false
static_assets_extensions:
- .jpg

15
spec/features/user_spec.rb

@ -29,6 +29,21 @@ RSpec.describe "User Features" do
expect(page).to have_current_path("/users/password/new")
end
it " is shown an error message if they submit without entering an email address" do
visit("/users/password/new")
click_button("Send email")
expect(page).to have_selector("#error-summary-title")
expect(page).to have_selector("#user-email-field-error")
end
it " is shown an error message if they submit an invalid email address" do
visit("/users/password/new")
fill_in("user[email]", with: "thisisn'tanemail")
click_button("Send email")
expect(page).to have_selector("#error-summary-title")
expect(page).to have_selector("#user-email-field-error")
end
it " is redirected to check your email page after submitting an email on the reset password page" do
visit("/users/password/new")
fill_in("user[email]", with: user.email)

Loading…
Cancel
Save