Browse Source

make a step to protect emails

pull/81/head
MadeTech Dushan 3 years ago
parent
commit
e0242ad1ce
  1. 4
      app/controllers/users/passwords_controller.rb
  2. 2
      app/views/devise/confirmations/reset.html.erb

4
app/controllers/users/passwords_controller.rb

@ -1,13 +1,13 @@
class Users::PasswordsController < Devise::PasswordsController class Users::PasswordsController < Devise::PasswordsController
def reset_confirmation def reset_confirmation
@user = User.find(params["id"]) @email = params["email"]
render "devise/confirmations/reset" render "devise/confirmations/reset"
end end
protected protected
def after_sending_reset_password_instructions_path_for(resource) def after_sending_reset_password_instructions_path_for(resource)
confirmations_reset_path(id: @user.id) if is_navigational_format? confirmations_reset_path(email: params.dig("user", "email")) if is_navigational_format?
end end
end end

2
app/views/devise/confirmations/reset.html.erb

@ -1,7 +1,7 @@
<div class="govuk-grid-row"> <div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds"> <div class="govuk-grid-column-two-thirds">
<h1 class="govuk-heading-l"> Check your email</h1> <h1 class="govuk-heading-l"> Check your email</h1>
<p class="govuk-body">We’ve sent a link to reset your password to <strong><%= @user.email %></strong>.</p> <p class="govuk-body">We’ve sent a link to reset your password to <strong><%= @email %></strong>.</p>
<p class="govuk-body">You’ll only this receive this link if your email address already exists in our system.</p> <p class="govuk-body">You’ll only this receive this link if your email address already exists in our system.</p>
<p class="govuk-body">If you don’t receive the email within 5 minutes, check your spam or junk folders. Try again if you still haven’t received the email.</p> <p class="govuk-body">If you don’t receive the email within 5 minutes, check your spam or junk folders. Try again if you still haven’t received the email.</p>
</div> </div>

Loading…
Cancel
Save