Resend Email Verification 404


(Aaron Boushley) #1

Hey,

I’m seeing an issue with resending verification emails via the login flow or the admin panel.

Did a bit of digging and found this in the logs:

Started POST "/users/Testingway/send_activation_email" for 127.0.0.1 at 2014-08-27 21:25:54 +0000
Processing by UsersController#send_activation_email as */*
Parameters: {"username"=>"Testingway"}
Rendered exceptions/not_found.html.erb within layouts/no_js (9.7ms)
Rendered common/_special_font_face.html.erb (0.4ms)
Rendered common/_discourse_stylesheet.html.erb (6.4ms)
Rendered layouts/_head.html.erb (7.5ms)
Rendered text template (0.0ms)
Completed 404 Not Found in 35ms (Views: 0.5ms | ActiveRecord: 14.6ms)

Looking at the UserController#send_activation_email method it looks like fetch_user_from_params is likely the culprit. Looking at that ApplicationController#fetch_user_from_params there is a search by username (which from the logs appears to be what is happening) and there is this line:

User.find_by(username_lower: username_lower, active: true)

I think the active: true is what is causing trouble. Users who need a resend (for any reason) aren’t active, so we’re getting the 404 error. It looks like this bug was introduced by the last commit to Application Controller a couple weeks ago – 9a1580244a547f373eeca98f46229f3f5a0beb84 (was going to put a GitHub link for that one too, but I guess I’m not cool enough yet :wink: )

Aaron


(Jeff Atwood) #2

Seems like a legit bug, @eviltrout can you have a look tomorrow?


(Robin Ward) #3

Good catch! Thanks, I’ve got a fix in master:

https://github.com/discourse/discourse/commit/c9262a839025e1436ac0e7b813134d8dccd939c5


(Jeff Atwood) #4