authorJean-Philippe Lang <jp_lang@yahoo.fr>2013-02-14 21:47:07 +0000
committerJean-Philippe Lang <jp_lang@yahoo.fr>2013-02-14 21:47:07 +0000
commit812da860b376d857fc7f1c4b06b26c6bec9232f7 (patch)
tree3c6b72c824c49c1dfef87aff50823c270d6106cc /app
parentadb4a575dc8878f043e8bf54a6a542ee618a1e64 (diff)
Adds token finder methods.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@11374 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app')
-rw-r--r--app/controllers/account_controller.rb4
-rw-r--r--app/models/token.rb25
2 files changed, 23 insertions, 6 deletions
diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index a89c22373..df9a7a975 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -51,7 +51,7 @@ class AccountController < ApplicationController
def lost_password
(redirect_to(home_url); return) unless Setting.lost_password?
if params[:token]
- @token = Token.find_by_action_and_value("recovery", params[:token].to_s)
+ @token = Token.find_token("recovery", params[:token].to_s)
if @token.nil? || @token.expired?
redirect_to home_url
return
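Review bot: `Token.find_token` returns the token whatever the owner's status, so the recovery lookup at `@token = Token.find_token("recovery", params[:token].to_s)` is only followed by a nil/expired check and nothing visible here rejects a locked user. In token.rb only `find_active_user` tests `user.active?`. lost_password continues outside the hunk, so the check may exist further down; if it does not, add `(redirect_to(home_url); return) unless @token.user.active?` after the expiry check. The replaced `find_by_action_and_value` call had the same gap, so this is not a regression introduced by the commit.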
@@ -140,7 +140,7 @@ class AccountController < ApplicationController
# Token based account activation
def activate
(redirect_to(home_url); return) unless Setting.self_registration? && params[:token].present?
- token = Token.find_by_action_and_value('register', params[:token].to_s)
+ token = Token.find_token('register', params[:token].to_s)
(redirect_to(home_url); return) unless token and !token.expired?
user = token.user
(redirect_to(home_url); return) unless user.registered?
diff --git a/app/models/token.rb b/app/models/token.rb
index 4c0598e60..3131bce8d 100644
--- a/app/models/token.rb
+++ b/app/models/token.rb
@@ -39,14 +39,31 @@ class Token < ActiveRecord::Base
# Returns the active user who owns the key for the given action
def self.find_active_user(action, key, validity_days=nil)
+ user = find_user(action, key, validity_days)
+ if user && user.active?
+ user
+ end
+ end
+
+ # Returns the user who owns the key for the given action
+ def self.find_user(action, key, validity_days=nil)
+ token = find_token(action, key, validity_days)
+ if token
+ token.user
+ end
+ end
+
+ # Returns the token for action and key with an optional
+ # validity duration (in number of days)
+ def self.find_token(action, key, validity_days=nil)
action = action.to_s
key = key.to_s
- return nil unless action.present? && key =~ /\A[a-f0-9]+\z/
+ return nil unless action.present? && key =~ /\A[a-z0-9]+\z/i
- token = find_by_action_and_value(action, key)
- if token && token.user && token.user.active?
+ token = Token.where(:action => action, :value => key).first
+ if token && (token.action == action) && (token.value == key) && token.user
if validity_days.nil? || (token.created_on > validity_days.days.ago)
- token.user
+ token
end
end
end
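Review bot: The Ruby-side comparison in `if token && (token.action == action) && (token.value == key) && token.user` has no comment, yet it is the line that keeps the match exact now that the key pattern accepts upper-case letters through `/\A[a-z0-9]+\z/i`. Presumably it guards against a database collation that compares case-insensitively in the `where` clause; a comment such as `# Compare again in Ruby: the database may match action/value case-insensitively` would stop a later cleanup from removing it as redundant. The header comment on `find_token` should also state that nil is returned for a malformed key, for a token without a user, and for a token older than `validity_days`.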