codeninjasllc/discourse
1
0
Fork 0
mirror of https://github.com/codeninjasllc/discourse.git synced 2024-11-30 10:58:31 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

FIX: tighten up email token durations

Browse source
This commit is contained in:
Sam 2014-07-02 09:08:25 +10:00
parent 2a998fd787
commit 60d93a62f6
4 changed files with 12 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/models/email_token.rb
View file

@ -19,11 +19,11 @@ class EmailToken < ActiveRecord::Base
end end
def self.valid_after def self.valid_after
1.week.ago SiteSetting.email_token_valid_hours.hours.ago
end end
def self.confirm_valid_after def self.confirm_valid_after
1.day.ago SiteSetting.email_token_grace_period_hours.ago
end end
def self.unconfirmed def self.unconfirmed

3
config/locales/server.en.yml
View file

@ -702,6 +702,9 @@ en:
topics_per_period_in_top_page: "How many topics loaded on the top topics page" topics_per_period_in_top_page: "How many topics loaded on the top topics page"
redirect_users_to_top_page: "Automatically redirect new & long-time-no-see users to top page" redirect_users_to_top_page: "Automatically redirect new & long-time-no-see users to top page"
email_token_valid_hours: "How long are 'forgot password' / 'activate account' tokens valid for"
email_token_grace_period_hours: "How long are 'forgot password' / 'activate account' tokens valid for, after being redeemed"
enable_badges: "Enable the badge system (experimental)" enable_badges: "Enable the badge system (experimental)"
allow_index_in_robots_txt: "Site should be indexed by search engines (update robots.txt)" allow_index_in_robots_txt: "Site should be indexed by search engines (update robots.txt)"

3
config/site_settings.yml
View file

@ -263,6 +263,9 @@ users:
default: 15 default: 15
redirect_users_to_top_page: true redirect_users_to_top_page: true
email_token_valid_hours: 24
email_token_grace_period_hours: 0
posting: posting:
min_post_length: min_post_length:
client: true client: true

9
spec/models/email_token_spec.rb
View file

@ -63,8 +63,8 @@ describe EmailToken do
end end
it 'returns nil when a token is older than a specific time' do it 'returns nil when a token is older than a specific time' do
EmailToken.expects(:valid_after).returns(1.week.ago) SiteSetting.email_token_valid_hours = 10
email_token.update_column(:created_at, 2.weeks.ago) email_token.update_column(:created_at, 11.hours.ago)
EmailToken.confirm(email_token.token).should be_blank EmailToken.confirm(email_token.token).should be_blank
end end
@ -88,11 +88,10 @@ describe EmailToken do
end end
context "when using the code a second time" do context "when using the code a second time" do
before do
EmailToken.confirm(email_token.token)
end
it "doesn't send the welcome message" do it "doesn't send the welcome message" do
SiteSetting.email_token_grace_period_hours = 1
EmailToken.confirm(email_token.token)
user = EmailToken.confirm(email_token.token) user = EmailToken.confirm(email_token.token)
user.send_welcome_message.should be_false user.send_welcome_message.should be_false
end end