Just generate a new token on resending confirmation email

services/web/app/coffee/Features/Security/OneTimeTokenHandler.coffee

@@ -27,16 +27,6 @@ module.exports =
 			return callback(error) if error?
 			callback null, token
 
-	findValidTokenFromData: (use, data, callback = (error, token) ->) ->
-		db.tokens.findOne {
-			use: use,
-			data: data,
-			expiresAt: { $gt: new Date() },
-			usedAt: { $exists: false }
-		}, (error, token) ->
-			return callback(error) if error?
-			return callback null, token?.token
-
 	getValueFromTokenAndExpire: (use, token, callback = (error, data) ->)->
 		logger.log token_start: token.slice(0,8), "getting data from #{use} token"
 		now = new Date()

services/web/app/coffee/Features/User/UserEmailsConfirmationHandler.coffee

@@ -23,17 +23,6 @@ module.exports = UserEmailsConfirmationHandler =
 				confirmEmailUrl: "#{settings.siteUrl}/user/emails/confirm?token=#{token}"
 			EmailHandler.sendEmail emailTemplate, emailOptions, callback
 
-	resendConfirmationEmail: (user_id, email, callback = (error) ->) ->
-		OneTimeTokenHandler.findValidTokenFromData 'email_confirmation', { user_id, email }, (error, token) ->
-			return callback(error) if error?
-			if !token?
-				UserEmailsConfirmationHandler.sendConfirmationEmail user_id, email, callback
-			else
-				emailOptions =
-					to: email
-					confirmEmailUrl: "#{settings.siteUrl}/user/emails/confirm?token=#{token}"
-				EmailHandler.sendEmail 'confirmEmail', emailOptions, callback
-
 	confirmEmailFromToken: (token, callback = (error) ->) ->
 		logger.log {token_start: token.slice(0,8)}, 'confirming email from token'
 		OneTimeTokenHandler.getValueFromTokenAndExpire 'email_confirmation', token, (error, data) ->

services/web/app/coffee/Features/User/UserEmailsController.coffee

@@ -71,7 +71,7 @@ module.exports = UserEmailsController =
 				logger.log {userId, email, foundUserId: user?._id}, "email doesn't match logged in user"
 				return res.sendStatus 422
 			logger.log {userId, email}, 'resending email confirmation token'
-			UserEmailsConfirmationHandler.resendConfirmationEmail userId, email, (error) ->
+			UserEmailsConfirmationHandler.sendConfirmationEmail userId, email, (error) ->
 				return next(error) if error?
 				res.sendStatus 200
 

services/web/test/acceptance/coffee/UserEmailsTests.coffee

@@ -200,8 +200,7 @@ describe "UserEmails", ->
 			], done
 
 	describe 'resending the confirmation', ->
-		it 'should resend the existing token', (done) ->
-			token = null
+		it 'should generate a new token', (done) ->
 			async.series [
 				(cb) =>
 					@user.request {
@@ -223,7 +222,6 @@ describe "UserEmails", ->
 						expect(tokens.length).to.equal 1
 						expect(tokens[0].data.email).to.equal 'reconfirmation-email@example.com'
 						expect(tokens[0].data.user_id).to.equal @user._id
-						token = tokens[0].token
 						cb()
 				(cb) =>
 					@user.request {
@@ -241,18 +239,18 @@ describe "UserEmails", ->
 						'data.user_id': @user._id,
 						usedAt: { $exists: false }
 					}, (error, tokens) =>
-						# There should still only be one confirmation token
-						expect(tokens.length).to.equal 1
+						# There should be two tokens now
+						expect(tokens.length).to.equal 2
 						expect(tokens[0].data.email).to.equal 'reconfirmation-email@example.com'
 						expect(tokens[0].data.user_id).to.equal @user._id
-						token = tokens[0].token
+						expect(tokens[1].data.email).to.equal 'reconfirmation-email@example.com'
+						expect(tokens[1].data.user_id).to.equal @user._id
 						cb()
 			], done
 
 		it 'should create a new token if none exists', (done) ->
 			# This should only be for users that have sign up with their main
 			# emails before the confirmation system existed
-			token = null
 			async.series [
 				(cb) =>
 					db.tokens.remove {
@@ -280,12 +278,10 @@ describe "UserEmails", ->
 						expect(tokens.length).to.equal 1
 						expect(tokens[0].data.email).to.equal @user.email
 						expect(tokens[0].data.user_id).to.equal @user._id
-						token = tokens[0].token
 						cb()
 			], done
 
 		it "should not allow reconfirmation if the email doesn't match the user", (done) ->
-			token = null
 			async.series [
 				(cb) =>
 					@user.request {