diff --git a/app/controllers/login_controller.rb b/app/controllers/login_controller.rb
index bfa3de67..b94be192 100644
--- a/app/controllers/login_controller.rb
+++ b/app/controllers/login_controller.rb
@@ -10,6 +10,10 @@ class LoginController < ApplicationController
 # Sends an email to a user with the token that allows setting a new password through action "password".
 def reset_password
+ if request.get? || params[:user].nil? # Catch for get request and give better error message.
+ redirect_to forgot_password_url, alert: 'Ein Problem ist aufgetreten. Bitte erneut versuchen' and return
+ end
+
 if (user = User.find_by_email(params[:user][:email]))
 user.reset_password_token = user.new_random_password(16)
 user.reset_password_expires = Time.now.advance(:days => 2)
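Review bot: The guard on the first added line only rejects a missing `params[:user]`, so a request that sends `user` as a scalar, or `user[email]` as an array or nested hash, still reaches `params[:user][:email]` and `User.find_by_email` without any type check. A scalar `user` would most likely raise on the `[:email]` lookup and bring back the error page this commit is trying to avoid, and a non-string email is handed to the finder as-is. Consider extracting the value once, e.g. `email = params[:user][:email] if params[:user].respond_to?(:key?)`, and taking the same redirect unless `email.is_a?(String)`. If the route currently accepts GET, restricting it to POST in the routes file would be a cleaner way to handle that case than `request.get?` inside a state-changing action. The body of reset_password continues past the end of the hunk.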