minor change in the reset confirmation method to avoid errors if email in params is nil

3 years ago · 6ea3557db5
2 changed files with 9 additions and 1 deletions
--- a/app/controllers/auth/passwords_controller.rb
+++ b/app/controllers/auth/passwords_controller.rb
@ -4,7 +4,7 @@ class Auth::PasswordsController < Devise::PasswordsController
  def reset_confirmation
    self.resource = resource_class.new
    @email = params["email"]
-    if @email.empty?
+    if @email.blank?
      resource.errors.add :email, I18n.t("validations.email.blank")
      render "devise/passwords/new", status: :unprocessable_entity
    elsif !email_valid?(@email)
--- a/spec/requests/auth/passwords_controller_spec.rb
+++ b/spec/requests/auth/passwords_controller_spec.rb
@ -145,4 +145,12 @@ RSpec.describe Auth::PasswordsController, type: :request do
      end
    end
  end
+
+  context "when a password is reset" do
+    let(:email) { nil }
+
+    it "does not error if the email is nil or not in the params" do
+      expect { get account_password_reset_confirmation_path(email:) }.not_to raise_error
+    end
+  end
 end