From d65aafdd4c67f20dfc37af9b64728716bd8df9cc Mon Sep 17 00:00:00 2001 From: Matchu Date: Sun, 6 Aug 2023 17:26:56 -0700 Subject: [PATCH] Signup and settings page for OpenNeo ID accounts Hey nice!! Note that I removed an account delete button from the settings page. You can still send a DELETE request to the right endpoint to do it, but it's not gonna delete all the associated records, and I wanna think a bit about how to handle that better before exposing that button. --- app/controllers/application_controller.rb | 9 ++++ app/models/auth_user.rb | 2 +- app/views/devise/registrations/edit.html.erb | 39 +++++++++++++++++ app/views/devise/registrations/new.html.erb | 44 ++++++++++++++++++++ app/views/layouts/application.html.haml | 2 +- config/routes.rb | 1 - 6 files changed, 94 insertions(+), 3 deletions(-) create mode 100644 app/views/devise/registrations/edit.html.erb create mode 100644 app/views/devise/registrations/new.html.erb diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 86546338..43b865b4 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -9,6 +9,8 @@ class ApplicationController < ActionController::Base before_action :set_locale + before_action :configure_permitted_parameters, if: :devise_controller? + def authenticate_user! redirect_to(new_auth_user_session_path) unless user_signed_in? end @@ -70,5 +72,12 @@ class ApplicationController < ActionController::Base def valid_locale?(locale) locale && I18n.usable_locales.include?(locale.to_sym) end + + def configure_permitted_parameters + # Devise will automatically permit the authentication key (username) and + # the password, but we need to let the email field through ourselves. + devise_parameter_sanitizer.permit(:sign_up, keys: [:email]) + devise_parameter_sanitizer.permit(:account_update, keys: [:email]) + end end 
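Review bot: In the second hunk of app/controllers/application_controller.rb, the comment in `configure_permitted_parameters` says Devise permits the username automatically, but that only holds if `name`, the field the new sign-up form posts, is the configured authentication key. The Devise initializer is not part of this patch, so this needs confirming; if `name` is not the key, the sanitizer silently drops it and the fix is `devise_parameter_sanitizer.permit(:sign_up, keys: [:name, :email])`. The hunk also does not show whether the method sits below a `protected` or `private` marker, and a callback on the base controller should not be a public method. The class body starts and ends outside the hunk.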
diff --git a/app/models/auth_user.rb b/app/models/auth_user.rb index 92c832e8..4471728a 100644 --- a/app/models/auth_user.rb +++ b/app/models/auth_user.rb @@ -1,7 +1,7 @@ class AuthUser < AuthRecord self.table_name = 'users' - devise :database_authenticatable, :encryptable + devise :database_authenticatable, :encryptable, :registerable, :validatable # devise :database_authenticatable, :lockable, :registerable, :recoverable, # :trackable, :validatable diff --git a/app/views/devise/registrations/edit.html.erb b/app/views/devise/registrations/edit.html.erb new file mode 100644 index 00000000..c5e9dd3d --- /dev/null +++ b/app/views/devise/registrations/edit.html.erb @@ -0,0 +1,39 @@ +
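Review bot: Adding `:registerable` in app/models/auth_user.rb enables the full registrations resource under `devise_for :auth_users`, including the destroy action. Leaving the button out of the settings view therefore does not remove the endpoint, and the commit message itself says associated records are not cleaned up, so a signed-in user's DELETE request leaves orphaned rows. Until that is designed, the route should be absent: either use `devise_for :auth_users, skip: [:registrations]` in config/routes.rb and re-declare only new/create/edit/update inside a `devise_scope :auth_user` block, or override the registrations controller's `destroy` to refuse. Separately, sign-up becomes public here while `:lockable` stays in the commented-out module list and no confirmation module is enabled, so repeated login attempts and unverified addresses need a decision.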

Edit <%= resource_name.to_s.humanize %>

+ +<%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %> + <%= render "devise/shared/error_messages", resource: resource %> + +
+ <%= f.label :email %>
+ <%= f.email_field :email, autofocus: true, autocomplete: "email" %> +
+ + <% if devise_mapping.confirmable? && resource.pending_reconfirmation? %> +
Currently waiting confirmation for: <%= resource.unconfirmed_email %>
+ <% end %> + +
+ <%= f.label :password %> (leave blank if you don't want to change it)
+ <%= f.password_field :password, autocomplete: "new-password" %> + <% if @minimum_password_length %> +
+ <%= @minimum_password_length %> characters minimum + <% end %> +
+ +
+ <%= f.label :password_confirmation %>
+ <%= f.password_field :password_confirmation, autocomplete: "new-password" %> +
+ +
+ <%= f.label :current_password %> (we need your current password to confirm your changes)
+ <%= f.password_field :current_password, autocomplete: "current-password" %> +
+ +
+ <%= f.submit "Update" %> +
+<% end %> + +<%= link_to "Back", :back %> diff --git a/app/views/devise/registrations/new.html.erb b/app/views/devise/registrations/new.html.erb new file mode 100644 index 00000000..6a9a9f0b --- /dev/null +++ b/app/views/devise/registrations/new.html.erb @@ -0,0 +1,44 @@ +
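Review bot: The settings form in app/views/devise/registrations/edit.html.erb allows the e-mail address and the password to be changed behind the current password, but with no confirmation module on the model the new address takes effect unverified and the old address is not told. Because the sign-up copy describes that address as the password-reset channel, consider enabling `config.send_email_changed_notification` and `config.send_password_change_notification` in the Devise initializer (not visible in this patch, so they may already be set). The `devise_mapping.confirmable?` branch is dead until that module is enabled. The labels and hints are hard-coded English while the layout hunk in this patch uses `t(...)`, so a comment such as `<%# TODO: move these strings into the locale files %>` would mark the gap.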

Sign up

+ +<%= form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %> + <%= render "devise/shared/error_messages", resource: resource %> + +

+ Choose a username, and an email address we can use to reset your password. +

+ +

+ Do not use your Neopets or email password here. + We don't expect a security breach, and we hash your password securely. + Regardless, if anything happens, we want there to be absolutely no harm done. +

+ +
+ <%= f.label :name, 'Username' %>
+ <%= f.text_field :name, autofocus: true, autocomplete: "username" %> +
+ +
+ <%= f.label :email %>
+ <%= f.email_field :email, autofocus: true, autocomplete: "email" %> +
+ +
+ <%= f.label :password %> + <% if @minimum_password_length %> + (<%= @minimum_password_length %> characters minimum) + <% end %>
+ <%= f.password_field :password, autocomplete: "new-password" %> +
+ +
+ <%= f.label :password_confirmation %>
+ <%= f.password_field :password_confirmation, autocomplete: "new-password" %> +
+ +
+ <%= f.submit "Sign up" %> +
+<% end %> + +<%= render "devise/shared/links" %> diff --git a/app/views/layouts/application.html.haml b/app/views/layouts/application.html.haml index 0e72e17a..7155b8d3 100644 --- a/app/views/layouts/application.html.haml +++ b/app/views/layouts/application.html.haml @@ -47,7 +47,7 @@ = userbar_contributions_summary(current_user) = link_to t('.userbar.items'), user_closet_hangers_path(current_user), :id => 'userbar-items-link' = link_to t('.userbar.outfits'), current_user_outfits_path - = link_to t('.userbar.settings'), auth_user_settings_path + = link_to t('.userbar.settings'), edit_auth_user_registration_path = button_to t('.userbar.logout'), destroy_auth_user_session_path, method: :delete - else = link_to auth_user_sign_in_path_with_return_to, :id => 'userbar-log-in' do diff --git a/config/routes.rb b/config/routes.rb index 0f1f1d82..4552b1c3 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -48,7 +48,6 @@ OpenneoImpressItems::Application.routes.draw do get '/modeling' => 'pets#bulk', :as => :bulk_pets devise_for :auth_users - get '/users/current-user/settings', to: redirect('/?TODO'), as: :auth_user_settings post '/locales/choose' => 'locales#choose', :as => :choose_locale
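Review bot: In app/views/devise/registrations/new.html.erb both the `name` field and the `email` field carry `autofocus: true`; only one element should, so the e-mail line should read `<%= f.email_field :email, autocomplete: "email" %>`. The intro text promises the address will be used to reset the password, but the `devise` line changed in this patch does not enable `:recoverable`, so unless reset is handled elsewhere the copy is ahead of the feature. As in the edit view, the strings are hard-coded English rather than going through `t(...)`.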