1
0
Fork 0
forked from OpenNeo/impress

Don't require current_password for settings if user doesn't have one

This commit is contained in:
Emi Matchu 2024-04-08 04:13:07 -07:00
parent 0f5bb2a861
commit f6d3992045
2 changed files with 18 additions and 9 deletions

View file

@ -24,7 +24,13 @@ class AuthUsersController < ApplicationController
def update def update
@auth_user = load_auth_user @auth_user = load_auth_user
if @auth_user.update_with_password(auth_user_params) # If the user has a password, then the `current_password` field is required
# when updating. If not, then it's not!
success = @auth_user.uses_password? ?
@auth_user.update_with_password(auth_user_params) :
@auth_user.update(auth_user_params)
if success
# NOTE: Changing the password will sign you out, so make sure we stay # NOTE: Changing the password will sign you out, so make sure we stay
# signed in! # signed in!
bypass_sign_in @auth_user, scope: :auth_user bypass_sign_in @auth_user, scope: :auth_user

View file

@ -38,6 +38,8 @@
</div> </div>
</fieldset> </fieldset>
<%# Current password is only required if you have one! %>
<% if @auth_user.uses_password? %>
<fieldset> <fieldset>
<div class="field"> <div class="field">
<%= f.label :current_password %> <%= f.label :current_password %>
@ -46,6 +48,7 @@
<%= f.password_field :current_password, autocomplete: "current-password" %> <%= f.password_field :current_password, autocomplete: "current-password" %>
</div> </div>
</fieldset> </fieldset>
<% end %>
<div class="actions"> <div class="actions">
<%= f.submit "Save changes" %> <%= f.submit "Save changes" %>