From a1d0acd632d70d1b279501de1220ca2df5ebb63e Mon Sep 17 00:00:00 2001
From: Jean-Philippe Lang <jp_lang@yahoo.fr>
Date: Sat, 7 Jul 2012 18:05:32 +0000
Subject: [PATCH] Code cleanup.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@9942 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 app/controllers/account_controller.rb | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index ea3dcb1ae..7d57b45da 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -40,19 +40,22 @@ class AccountController < ApplicationController
     redirect_to home_url
   end
 
-  # Enable user to choose a new password
+  # Lets user choose a new password
   def lost_password
     redirect_to(home_url) && return unless Setting.lost_password?
     if params[:token]
-      @token = Token.find_by_action_and_value("recovery", params[:token])
-      redirect_to(home_url) && return unless @token and !@token.expired?
+      @token = Token.find_by_action_and_value("recovery", params[:token].to_s)
+      if @token.nil? || @token.expired?
+        redirect_to home_url
+        return
+      end
       @user = @token.user
       if request.post?
         @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
         if @user.save
           @token.destroy
           flash[:notice] = l(:notice_account_password_updated)
-          redirect_to :action => 'login'
+          redirect_to signin_path
           return
         end
       end
-- 
2.39.5