diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 7d261e048df..c2591c06227 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -281,7 +281,7 @@ class UsersController < ApplicationController
   end
 
   def password_reset
-    expires_now()
+    expires_now
 
     if EmailToken.valid_token_format?(params[:token])
       @user = EmailToken.confirm(params[:token])
@@ -297,7 +297,7 @@ class UsersController < ApplicationController
     end
 
     if !@user
-      flash[:error] = I18n.t('password_reset.no_token')
+      @error = I18n.t('password_reset.no_token')
     elsif request.put?
       @invalid_password = params[:password].blank? || params[:password].length > User.max_password_length
 
@@ -325,7 +325,7 @@ class UsersController < ApplicationController
                 'password_reset.success_unapproved'
               end
 
-    flash[:success] = I18n.t(message)
+    @success = I18n.t(message)
   end
 
   def change_email
diff --git a/app/views/users/password_reset.html.erb b/app/views/users/password_reset.html.erb
index c2b1bbc3a7a..dd77729fecf 100644
--- a/app/views/users/password_reset.html.erb
+++ b/app/views/users/password_reset.html.erb
@@ -1,7 +1,7 @@
 <div id="simple-container">
-  <%if flash[:error]%>
+  <%if @error%>
     <div class='alert alert-error'>
-      <%=flash[:error]%>
+      <%= @error %>
     </div>
   <%end%>
   <% if @user.present? and @user.errors.any? %>
@@ -12,9 +12,9 @@
     </div>
   <% end %>
 
-  <%if flash[:success]%>
+  <%if @success%>
     <p>
-      <%= flash[:success] %>
+      <%= @success %>
       <%- if @requires_approval %>
         <%= t 'login.not_approved' %>
       <% else %>
diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb
index 27c330c97a5..4388cfaf97c 100644
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@@ -84,16 +84,11 @@ describe UsersController do
     end
 
     context 'invalid token' do
-      before do
-        EmailToken.expects(:confirm).with('asdfasdf').returns(nil)
-        put :perform_account_activation, token: 'asdfasdf'
-      end
 
       it 'return success' do
+        EmailToken.expects(:confirm).with('asdfasdf').returns(nil)
+        put :perform_account_activation, token: 'asdfasdf'
         expect(response).to be_success
-      end
-
-      it 'sets a flash error' do
         expect(flash[:error]).to be_present
       end
     end
@@ -249,7 +244,7 @@ describe UsersController do
       end
 
       it 'disallows login' do
-        expect(flash[:error]).to be_present
+        expect(assigns[:error]).to be_present
         expect(session[:current_user_id]).to be_blank
         expect(assigns[:invalid_token]).to eq(nil)
         expect(response).to be_success
@@ -262,7 +257,7 @@ describe UsersController do
       end
 
       it 'disallows login' do
-        expect(flash[:error]).to be_present
+        expect(assigns[:error]).to be_present
         expect(session[:current_user_id]).to be_blank
         expect(assigns[:invalid_token]).to eq(true)
         expect(response).to be_success
@@ -277,7 +272,7 @@ describe UsersController do
         get :password_reset, token: token
         put :password_reset, token: token, password: 'newpassword'
         expect(response).to be_success
-        expect(flash[:error]).to be_blank
+        expect(assigns[:error]).to be_blank
       end
     end