forked from OpenNeo/impress
Add form to disconnect NeoPass
Can't connect it back yet! But you can disconnect it! :3
This commit is contained in:
parent
21b967f83d
commit
88a2688ac8
6 changed files with 62 additions and 6 deletions
|
@ -53,6 +53,3 @@
|
||||||
|
|
||||||
.neopass-explanation
|
.neopass-explanation
|
||||||
font-size: .85em
|
font-size: .85em
|
||||||
|
|
||||||
p:last-of-type
|
|
||||||
margin-bottom: 0
|
|
||||||
|
|
29
app/controllers/neopass_connections_controller.rb
Normal file
29
app/controllers/neopass_connections_controller.rb
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
class NeopassConnectionsController < ApplicationController
|
||||||
|
def destroy
|
||||||
|
@user = load_user
|
||||||
|
|
||||||
|
if @user.disconnect_neopass
|
||||||
|
flash[:notice] = "Your NeoPass has been disconnected. In the future, " +
|
||||||
|
"to log into this account, you'll need to use your password or your " +
|
||||||
|
"recovery email. You can also connect a different NeoPass, if you'd " +
|
||||||
|
"like."
|
||||||
|
else
|
||||||
|
flash[:alert] = "Whoops, there was an error disconnecting your " +
|
||||||
|
"NeoPass from your account, sorry. If this keeps happening, let us " +
|
||||||
|
"know!"
|
||||||
|
end
|
||||||
|
|
||||||
|
redirect_to edit_auth_user_registration_path
|
||||||
|
end
|
||||||
|
|
||||||
|
private
|
||||||
|
|
||||||
|
def load_user
|
||||||
|
# Well, what we *actually* do is just use `current_user`, and enforce that
|
||||||
|
# the provided user ID matches. The user ID param is only really for REST
|
||||||
|
# semantics and such!
|
||||||
|
raise AccessDenied unless user_signed_in?
|
||||||
|
raise AccessDenied unless current_user.id.to_s == params[:user_id]
|
||||||
|
current_user
|
||||||
|
end
|
||||||
|
end
|
|
@ -48,6 +48,27 @@ class AuthUser < AuthRecord
|
||||||
neopass_email || uid
|
neopass_email || uid
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def disconnect_neopass
|
||||||
|
# If there's no NeoPass, we're already done!
|
||||||
|
return true if !neopass?
|
||||||
|
|
||||||
|
begin
|
||||||
|
# Remove all of the NeoPass fields, and return whether we were
|
||||||
|
# successful. (I don't know why it wouldn't be, but let's be resilient!)
|
||||||
|
#
|
||||||
|
# NOTE: I considered leaving `neopass_email` in place, to help us support
|
||||||
|
# users who accidentally got locked out… but I think it's more
|
||||||
|
# important to respect data privacy and not be holding onto an
|
||||||
|
# email address the user doesn't realize we have!
|
||||||
|
update(provider: nil, uid: nil, neopass_email: nil)
|
||||||
|
rescue => error
|
||||||
|
# If something strange happens, log it and gracefully return `false`!
|
||||||
|
Sentry.capture_exception error
|
||||||
|
Rails.logger.error error
|
||||||
|
false
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
def self.from_omniauth(auth)
|
def self.from_omniauth(auth)
|
||||||
raise MissingAuthInfoError, "Email missing" if auth.info.email.blank?
|
raise MissingAuthInfoError, "Email missing" if auth.info.email.blank?
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@ class User < ApplicationRecord
|
||||||
PreviewTopContributorsCount = 3
|
PreviewTopContributorsCount = 3
|
||||||
|
|
||||||
belongs_to :auth_user, foreign_key: :remote_id, inverse_of: :user
|
belongs_to :auth_user, foreign_key: :remote_id, inverse_of: :user
|
||||||
delegate :neopass?, to: :auth_user
|
delegate :neopass?, :disconnect_neopass, to: :auth_user
|
||||||
|
|
||||||
has_many :closet_hangers
|
has_many :closet_hangers
|
||||||
has_many :closet_lists
|
has_many :closet_lists
|
||||||
|
|
|
@ -53,8 +53,14 @@
|
||||||
<% end %>
|
<% end %>
|
||||||
|
|
||||||
<% if resource.neopass? %>
|
<% if resource.neopass? %>
|
||||||
<%= form_with model: resource, url: registration_path(resource_name),
|
<%= form_with url: user_neopass_connection_path(resource), method: :delete,
|
||||||
html: { method: :put, class: "settings-form" } do |form| %>
|
class: "settings-form", data: {
|
||||||
|
turbo_confirm: "Are you sure? Without a NeoPass, you'll need to use " +
|
||||||
|
"your password or your recovery email \"#{resource.email}\" to " +
|
||||||
|
"log in again.\n\nMake sure you have everything all set up first! " +
|
||||||
|
"Otherwise, you might be locked out of this account forever!"
|
||||||
|
} do |form|
|
||||||
|
%>
|
||||||
<h2>Your NeoPass</h2>
|
<h2>Your NeoPass</h2>
|
||||||
<section class="neopass-info">
|
<section class="neopass-info">
|
||||||
<strong>
|
<strong>
|
||||||
|
@ -70,6 +76,7 @@
|
||||||
Impress account, using the Email saved in "Your info".
|
Impress account, using the Email saved in "Your info".
|
||||||
</p>
|
</p>
|
||||||
</section>
|
</section>
|
||||||
|
<%= form.submit "Disconnect your NeoPass" %>
|
||||||
<% end %>
|
<% end %>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
|
||||||
|
|
|
@ -66,6 +66,8 @@ OpenneoImpressItems::Application.routes.draw do
|
||||||
|
|
||||||
resources :neopets_connections, path: 'neopets-connections',
|
resources :neopets_connections, path: 'neopets-connections',
|
||||||
only: [:create, :destroy]
|
only: [:create, :destroy]
|
||||||
|
|
||||||
|
resource :neopass_connection, path: "neopass-connection", only: [:destroy]
|
||||||
end
|
end
|
||||||
get 'users/current-user/closet' => 'closet_hangers#index', :as => :your_items
|
get 'users/current-user/closet' => 'closet_hangers#index', :as => :your_items
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue