diff --git a/app/views/account/password_recovery.html.erb b/app/views/account/password_recovery.html.erb index 53c6350..24da822 100644 --- a/app/views/account/password_recovery.html.erb +++ b/app/views/account/password_recovery.html.erb @@ -2,14 +2,19 @@ <%= error_messages_for 'user' %> -<%= form_tag({:token => @token.value}) do %> -
-

-<%= password_field_tag 'new_password', nil, :size => 25 %> -<%= l(:text_caracters_minimum, :count => Setting.password_min_length) %>

+<%= form_tag(lost_password_path) do %> + <%= hidden_field_tag 'token', @token.value %> +
+

+ + <%= password_field_tag 'new_password', nil, :size => 25 %> + <%= l(:text_caracters_minimum, :count => Setting.password_min_length) %> +

-

-<%= password_field_tag 'new_password_confirmation', nil, :size => 25 %>

-
-

<%= submit_tag l(:button_save) %>

+

+ + <%= password_field_tag 'new_password_confirmation', nil, :size => 25 %> +

+
+

<%= submit_tag l(:button_save) %>

<% end %> diff --git a/test/integration/account_test.rb b/test/integration/account_test.rb index 9f73be2..d50bb89 100644 --- a/test/integration/account_test.rb +++ b/test/integration/account_test.rb @@ -76,6 +76,7 @@ class AccountTest < ActionController::IntegrationTest get "account/lost_password" assert_response :success assert_template "account/lost_password" + assert_select 'input[name=mail]' post "account/lost_password", :mail => 'jSmith@somenet.foo' assert_redirected_to "/login" @@ -88,6 +89,9 @@ class AccountTest < ActionController::IntegrationTest get "account/lost_password", :token => token.value assert_response :success assert_template "account/password_recovery" + assert_select 'input[type=hidden][name=token][value=?]', token.value + assert_select 'input[name=new_password]' + assert_select 'input[name=new_password_confirmation]' post "account/lost_password", :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass' assert_redirected_to "/login"