From 0d5a72aef5d5ce53e7a9ea59b7c1c464985406ec Mon Sep 17 00:00:00 2001
From: Matt Jankowski <matt@jankowski.online>
Date: Wed, 27 Aug 2025 14:20:43 -0400
Subject: [PATCH] Method to check accept token value

---
 app/controllers/auth/registrations_controller.rb | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/controllers/auth/registrations_controller.rb b/app/controllers/auth/registrations_controller.rb
index 898d204d2d9..6390773b4b7 100644
--- a/app/controllers/auth/registrations_controller.rb
+++ b/app/controllers/auth/registrations_controller.rb
@@ -130,7 +130,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController
   end
 
   def require_rules_acceptance!
-    return if @rules.empty? || (session[:accept_token].present? && params[:accept] == session[:accept_token])
+    return if @rules.empty? || validated_accept_token?
 
     @accept_token = session[:accept_token] = SecureRandom.hex
     @invite_code  = invite_code
@@ -139,6 +139,10 @@ class Auth::RegistrationsController < Devise::RegistrationsController
     render :rules
   end
 
+  def validated_accept_token?
+    session[:accept_token].present? && params[:accept] == session[:accept_token]
+  end
+
   def is_flashing_format? # rubocop:disable Naming/PredicatePrefix
     if params[:action] == 'create'
       false # Disable flash messages for sign-up