Carry through name/phone/password updates through report/update creation via token. Only store encrypted password, and override EncodedColumn to prevent double encrypting.

1 files changed, 7 insertions, 3 deletions

diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm
index a5afff9c5..c67de692a 100644
--- a/perllib/FixMyStreet/App/Controller/Auth.pm
+++ b/perllib/FixMyStreet/App/Controller/Auth.pm
@@ -108,6 +108,11 @@ sub email_sign_in : Private {
         return;
     }
 
+    my $user_params = {};
+    $user_params->{password} = $c->req->param('password_register')
+        if $c->req->param('password_register');
+    my $user = $c->model('DB::User')->new( $user_params );
+
     my $token_obj = $c->model('DB::Token')    #
       ->create(
         {
@@ -116,7 +121,7 @@ sub email_sign_in : Private {
                 email => $good_email,
                 r => $c->req->param('r'),
                 name => $c->req->param('name'),
-                password => $c->req->param('password_register'),
+                password => $user->password,
             }
         }
       );
@@ -158,9 +163,8 @@ sub token : Path('/M') : Args(1) {
     # find or create the user related to the token.
     my $user = $c->model('DB::User')->find_or_create( { email => $data->{email} } );
     $user->name( $data->{name} ) if $data->{name};
-    $user->password( $data->{password} ) if $data->{password};
+    $user->password( $data->{password}, 1 ) if $data->{password};
     $user->update;
-
     $c->authenticate( { email => $user->email }, 'no_password' );
 
     # send the user to their page