Captcha for 'I forgot my password' feature

Evandro Junior
1 parent b174e8d4
Showing 1 changed file with 6 additions and 3 deletions Show diff stats
lib/noosfero/api/session.rb
@@ -39,8 +39,8 @@ module Noosfero
         unique_attributes! User, [:email, :login]
         attrs = attributes_for_keys [:email, :login, :password, :password_confirmation] + environment.signup_person_fields
         remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR'])
-        # test_captcha will render_api_error! and exit in case of some problem
-        # this return is only improve the clarity of the execution path
+        # test_captcha will render_api_error! and exit in case of any problem
+        # this return is just to improve the clarity of the execution path
         return unless test_captcha(remote_ip, params, environment)
         user = User.new(attrs)
         if user.save
@@ -97,7 +97,10 @@ module Noosfero
       post "/forgot_password" do
         requestors = fetch_requestors(params[:value])
         not_found! if requestors.blank?
-
+        remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR'])
+        # test_captcha will render_api_error! and exit in case of any problem
+        # this return is just to improve the clarity of the execution path
+        return unless test_captcha(remote_ip, params, environment)
         requestors.each do |requestor|
           ChangePassword.create!(:requestor => requestor)
         end