openstax / accounts

OpenStax centralized authentication and accounts service
https://accounts.openstax.org

undefined method `password_expired?` in IdentitiesController #259

Closed jpslav closed 8 years ago

jpslav commented 8 years ago

Got a couple of exceptions with:

    A NoMethodError occurred in identities#reset_password:

      undefined method `password_expired?' for nil:NilClass
      app/controllers/identities_controller.rb:40:in `reset_password'

That offending line:

    if !current_user.is_anonymous? && current_user.identity.password_expired?

The current_user isn't anonymous but current_user.identity is nil (an "identity" is a password authentication in Accounts).

I would recommend adding a spec here. The create_user call at the top of that file creates a dummy user with an identity, so you'll need to find a way to either create a non-anonymous user without an identity (maybe as an option to that create_user method) or have an option to add a non-identity authentication (probably some examples somewhere else of creating a user with a fake Facebook authentication).

Users are sent to this reset password page when their password expires. And those people of course have identities. So these must be some random arrivals. A reasonable behavior for when a password-less person goes to reset_password would be to redirect them to the login page with a flash error that says "Your password cannot be reset. Please contact support for assistance." -- just in case they are not some random arrival and have a real need, we won't lose them.

jpslav commented 8 years ago

In addition to reaching this from the expired password approach, these could also be users with social logins who say "Forgot password" (probably way more likely :-)

Dantemss commented 8 years ago

Most definitely. Make sure the message tells them to try FB/Google/Twitter. Or even figure out which one they have.
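A plain-Ruby sketch of the guard discussed in this thread, added as an example and not taken from the thread or from the openstax/accounts code base. Only `is_anonymous?`, `identity` and `password_expired?` come from the issue; the structs, the `providers` field, the outcome symbols and the second flash wording are assumptions.

```ruby
# Stand-ins for the Rails models (assumed shapes, not the project's classes).
Identity = Struct.new(:password_expired) do
  def password_expired?
    password_expired
  end
end

User = Struct.new(:anonymous, :identity, :providers) do
  def is_anonymous?
    anonymous
  end
end

# The condition quoted in the issue: raises NoMethodError when identity is nil.
def expired_check_before(current_user)
  !current_user.is_anonymous? && current_user.identity.password_expired?
end

# Hypothetical guard: decide the outcome before calling anything on identity.
# Returns [action, flash_message]; the action symbols are assumed names.
def reset_password_outcome(current_user)
  return [:show_reset_form, nil] if current_user.is_anonymous?

  identity = current_user.identity
  if identity.nil?
    # The provider hint is built only from the signed-in user's own record.
    providers = Array(current_user.providers)
    msg = "Your password cannot be reset. Please contact support for assistance."
    unless providers.empty?
      msg = "You sign in with #{providers.join(' or ')}, so there is no " \
            "password to reset. Try that login, or contact support for assistance."
    end
    return [:redirect_to_login, msg]
  end

  identity.password_expired? ? [:show_expired_form, nil] : [:show_reset_form, nil]
end

# Constructed sample users covering the cases raised in the comments.
SOCIAL_ONLY = User.new(false, nil, ["Facebook"])
NO_AUTHS    = User.new(false, nil, [])
EXPIRED     = User.new(false, Identity.new(true), [])
ANON        = User.new(true, nil, [])
```

The same four users map directly onto the spec cases suggested in the first comment: a non-anonymous user without an identity, with and without a social authentication, alongside the existing identity-backed user.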