Oh right, hide NeoPass on settings page unless you set the magic param!

Simplified this a bit into a helper. It's kinda odd to me, but
convenient for this moment, that Rails allows views to read `params`! I
guess it's for escape hatches exactly like this! lol
This commit is contained in:
Emi Matchu 2024-04-08 05:34:47 -07:00
parent 5cc219c795
commit 0a046ed9c1
4 changed files with 6 additions and 9 deletions

View file

@ -12,7 +12,6 @@ class ApplicationController < ActionController::Base
before_action :set_locale before_action :set_locale
before_action :configure_permitted_parameters, if: :devise_controller? before_action :configure_permitted_parameters, if: :devise_controller?
before_action :check_neopass_access, if: :devise_controller?
before_action :save_return_to_path, before_action :save_return_to_path,
if: ->(c) { c.controller_name == 'sessions' && c.action_name == 'new' } if: ->(c) { c.controller_name == 'sessions' && c.action_name == 'new' }
@ -88,12 +87,6 @@ class ApplicationController < ActionController::Base
devise_parameter_sanitizer.permit(:account_update, keys: [:email]) devise_parameter_sanitizer.permit(:account_update, keys: [:email])
end end
def check_neopass_access
@can_use_neopass = (
params[:neopass] == Rails.configuration.neopass_access_secret
)
end
def save_return_to_path def save_return_to_path
if params[:return_to] if params[:return_to]
Rails.logger.debug "Saving return_to path: #{params[:return_to].inspect}" Rails.logger.debug "Saving return_to path: #{params[:return_to].inspect}"

View file

@ -69,6 +69,10 @@ module ApplicationHelper
end end
end end
def can_use_neopass
params[:neopass] == Rails.configuration.neopass_access_secret
end
def contact_email def contact_email
"matchu@openneo.net" "matchu@openneo.net"
end end

View file

@ -96,7 +96,7 @@
<%= form.submit "Disconnect your NeoPass", <%= form.submit "Disconnect your NeoPass",
disabled: !@auth_user.uses_password? && !@auth_user.email? %> disabled: !@auth_user.uses_password? && !@auth_user.email? %>
<% end %> <% end %>
<% else %> <% elsif can_use_neopass %>
<%= form_with url: auth_user_neopass_omniauth_authorize_path(intent: "connect"), <%= form_with url: auth_user_neopass_omniauth_authorize_path(intent: "connect"),
method: :post, class: "settings-form", data: {turbo: false} do |form| method: :post, class: "settings-form", data: {turbo: false} do |form|
%> %>

View file

@ -1,6 +1,6 @@
<h2>Log in</h2> <h2>Log in</h2>
<% if @can_use_neopass %> <% if can_use_neopass %>
🌟✨🌟✨🌟✨🌟✨🌟 🌟✨🌟✨🌟✨🌟✨🌟
<br /> <br />
<%= button_to "Log in with NeoPass", <%= button_to "Log in with NeoPass",