forked from OpenNeo/impress
Add form to disconnect NeoPass
Can't connect it back yet! But you can disconnect it! :3
This commit is contained in:
parent
21b967f83d
commit
88a2688ac8
6 changed files with 62 additions and 6 deletions
|
@ -53,6 +53,3 @@
|
|||
|
||||
.neopass-explanation
|
||||
font-size: .85em
|
||||
|
||||
p:last-of-type
|
||||
margin-bottom: 0
|
||||
|
|
29
app/controllers/neopass_connections_controller.rb
Normal file
29
app/controllers/neopass_connections_controller.rb
Normal file
|
@ -0,0 +1,29 @@
|
|||
class NeopassConnectionsController < ApplicationController
|
||||
def destroy
|
||||
@user = load_user
|
||||
|
||||
if @user.disconnect_neopass
|
||||
flash[:notice] = "Your NeoPass has been disconnected. In the future, " +
|
||||
"to log into this account, you'll need to use your password or your " +
|
||||
"recovery email. You can also connect a different NeoPass, if you'd " +
|
||||
"like."
|
||||
else
|
||||
flash[:alert] = "Whoops, there was an error disconnecting your " +
|
||||
"NeoPass from your account, sorry. If this keeps happening, let us " +
|
||||
"know!"
|
||||
end
|
||||
|
||||
redirect_to edit_auth_user_registration_path
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def load_user
|
||||
# Well, what we *actually* do is just use `current_user`, and enforce that
|
||||
# the provided user ID matches. The user ID param is only really for REST
|
||||
# semantics and such!
|
||||
raise AccessDenied unless user_signed_in?
|
||||
raise AccessDenied unless current_user.id.to_s == params[:user_id]
|
||||
current_user
|
||||
end
|
||||
end
|
|
@ -48,6 +48,27 @@ class AuthUser < AuthRecord
|
|||
neopass_email || uid
|
||||
end
|
||||
|
||||
def disconnect_neopass
|
||||
# If there's no NeoPass, we're already done!
|
||||
return true if !neopass?
|
||||
|
||||
begin
|
||||
# Remove all of the NeoPass fields, and return whether we were
|
||||
# successful. (I don't know why it wouldn't be, but let's be resilient!)
|
||||
#
|
||||
# NOTE: I considered leaving `neopass_email` in place, to help us support
|
||||
# users who accidentally got locked out… but I think it's more
|
||||
# important to respect data privacy and not be holding onto an
|
||||
# email address the user doesn't realize we have!
|
||||
update(provider: nil, uid: nil, neopass_email: nil)
|
||||
rescue => error
|
||||
# If something strange happens, log it and gracefully return `false`!
|
||||
Sentry.capture_exception error
|
||||
Rails.logger.error error
|
||||
false
|
||||
end
|
||||
end
|
||||
|
||||
def self.from_omniauth(auth)
|
||||
raise MissingAuthInfoError, "Email missing" if auth.info.email.blank?
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@ class User < ApplicationRecord
|
|||
PreviewTopContributorsCount = 3
|
||||
|
||||
belongs_to :auth_user, foreign_key: :remote_id, inverse_of: :user
|
||||
delegate :neopass?, to: :auth_user
|
||||
delegate :neopass?, :disconnect_neopass, to: :auth_user
|
||||
|
||||
has_many :closet_hangers
|
||||
has_many :closet_lists
|
||||
|
|
|
@ -53,8 +53,14 @@
|
|||
<% end %>
|
||||
|
||||
<% if resource.neopass? %>
|
||||
<%= form_with model: resource, url: registration_path(resource_name),
|
||||
html: { method: :put, class: "settings-form" } do |form| %>
|
||||
<%= form_with url: user_neopass_connection_path(resource), method: :delete,
|
||||
class: "settings-form", data: {
|
||||
turbo_confirm: "Are you sure? Without a NeoPass, you'll need to use " +
|
||||
"your password or your recovery email \"#{resource.email}\" to " +
|
||||
"log in again.\n\nMake sure you have everything all set up first! " +
|
||||
"Otherwise, you might be locked out of this account forever!"
|
||||
} do |form|
|
||||
%>
|
||||
<h2>Your NeoPass</h2>
|
||||
<section class="neopass-info">
|
||||
<strong>
|
||||
|
@ -70,6 +76,7 @@
|
|||
Impress account, using the Email saved in "Your info".
|
||||
</p>
|
||||
</section>
|
||||
<%= form.submit "Disconnect your NeoPass" %>
|
||||
<% end %>
|
||||
<% end %>
|
||||
|
||||
|
|
|
@ -66,6 +66,8 @@ OpenneoImpressItems::Application.routes.draw do
|
|||
|
||||
resources :neopets_connections, path: 'neopets-connections',
|
||||
only: [:create, :destroy]
|
||||
|
||||
resource :neopass_connection, path: "neopass-connection", only: [:destroy]
|
||||
end
|
||||
get 'users/current-user/closet' => 'closet_hangers#index', :as => :your_items
|
||||
|
||||
|
|
Loading…
Reference in a new issue