From ec21a15fa7234b8274b5b137afdd6dff78cf52a9 Mon Sep 17 00:00:00 2001
From: Robin Ward <robin.ward@gmail.com>
Date: Mon, 9 Mar 2020 12:53:32 -0400
Subject: [PATCH] FIX: Incorrect message when logging in via email

If `hide email address taken` was true, it would always display a
success message, rather than the non-comittal "maybe we emailed that
user" response.
---
 .../javascripts/discourse/controllers/login.js.es6       | 6 +++++-
 app/controllers/users_controller.rb                      | 1 +
 spec/requests/users_controller_spec.rb                   | 9 ++++++---
 3 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/app/assets/javascripts/discourse/controllers/login.js.es6 b/app/assets/javascripts/discourse/controllers/login.js.es6
index 9d4c56f56ef..de39f7ec8a8 100644
--- a/app/assets/javascripts/discourse/controllers/login.js.es6
+++ b/app/assets/javascripts/discourse/controllers/login.js.es6
@@ -296,8 +296,12 @@ export default Controller.extend(ModalFunctionality, {
               "error"
             );
           } else {
+            let postfix = data.hide_taken ? "" : "_found";
             this.flash(
-              I18n.t(`${key}_found`, { email: loginName, username: loginName })
+              I18n.t(`${key}${postfix}`, {
+                email: loginName,
+                username: loginName
+              })
             );
           }
         })
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 4d0adc5116c..9405620286f 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -748,6 +748,7 @@ class UsersController < ApplicationController
     end
 
     json = success_json
+    json[:hide_taken] = SiteSetting.hide_email_address_taken
     json[:user_found] = user_presence unless SiteSetting.hide_email_address_taken
     render json: json
   rescue RateLimiter::LimitExceeded
diff --git a/spec/requests/users_controller_spec.rb b/spec/requests/users_controller_spec.rb
index 707c61d6ba6..38dfe21e960 100644
--- a/spec/requests/users_controller_spec.rb
+++ b/spec/requests/users_controller_spec.rb
@@ -3455,7 +3455,6 @@ describe UsersController do
 
       it 'should return the right response' do
         post "/u/email-login.json", params: { login: user.email }
-
         expect(response.status).to eq(404)
       end
     end
@@ -3465,7 +3464,9 @@ describe UsersController do
         post "/u/email-login.json", params: { login: '@random' }
 
         expect(response.status).to eq(200)
-        expect(JSON.parse(response.body)['user_found']).to eq(false)
+        json = JSON.parse(response.body)
+        expect(json['user_found']).to eq(false)
+        expect(json['hide_taken']).to eq(false)
         expect(Jobs::CriticalUserEmail.jobs).to eq([])
       end
     end
@@ -3476,7 +3477,9 @@ describe UsersController do
         post "/u/email-login.json", params: { login: user.email }
 
         expect(response.status).to eq(200)
-        expect(JSON.parse(response.body).has_key?('user_found')).to eq(false)
+        json = JSON.parse(response.body)
+        expect(json.has_key?('user_found')).to eq(false)
+        expect(json['hide_taken']).to eq(true)
       end
     end