diff --git a/app/models/user.rb b/app/models/user.rb
index 4a504e7c..2dcd815e 100755
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -204,12 +204,9 @@ def self.find_and_check_user email, token
   end
 
   def self.get_user_pass_attributes params
-    token = params[:token]
-    email = params[:email]
-    email = params[:user] if email.blank?
-    token = params[:password] if token.blank?
-
-    return [null, null] if email.blank? || token.blank?
+    token = params[:token].present? ? params[:token] : params[:password]
+    email = params[:email].present? ? params[:email] : params[:user]
+    return [nil, nil] if email.blank? || token.blank?
     [email, token]
   end
 
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 4a7abee9..36f3e5d5 100755
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -422,6 +422,33 @@
     expect(otp3).to_not equal(otp1)
   end
 
+  describe '.get_user_pass_attributes' do
+    it 'should return token and email if token and email is passed' do
+      params = { email: Faker::Internet.email, token: SecureRandom.uuid, user: '', password: '' }
+      expect(User.get_user_pass_attributes(params)).to eq([params[:email], params[:token]])
+    end
+
+    it 'should return password and email if email and password is present, and token is not present' do
+      params = { email: Faker::Internet.email, token: '', user: '', password: SecureRandom.uuid }
+      expect(User.get_user_pass_attributes(params)).to eq([params[:email], params[:password]])
+    end
+
+    it 'should return user and token if user and token is present, and email is not present' do
+      params = { email: '', token: SecureRandom.uuid, user: Faker::Internet.email, password: '' }
+      expect(User.get_user_pass_attributes(params)).to eq([params[:user], params[:token]])
+    end
+
+    it 'should return user and password if user and password is present and email and token is not present' do
+      params = { email: '', token: '', user: Faker::Internet.email, password: SecureRandom.uuid }
+      expect(User.get_user_pass_attributes(params)).to eq([params[:user], params[:password]])
+    end
+
+    it 'should return nil and nil if email and user is blank or password and token is blank' do
+      params = { email: '', token: '', user: '', password: '' }
+      expect(User.get_user_pass_attributes(params)).to eq([nil, nil])
+    end
+  end
+
   describe '.get_user' do
     after(:each) do
       User.destroy_all