1
0
Fork 0
forked from OpenNeo/impress

Eject AuthUsersController from the default Devise controller

I'm getting ready to add handling for "what if you don't *have* a
current password*??", so it seems like the right way to do that is to
just eject the controller and start customizing!
This commit is contained in:
Emi Matchu 2024-04-08 04:02:54 -07:00
parent 3e92d89765
commit ae2b62956a
7 changed files with 75 additions and 31 deletions

View file

@ -1,6 +1,6 @@
@import "../../partials/clean/constants" @import "../partials/clean/constants"
body.devise-registrations-edit, body.devise-registrations-update body.auth_users-edit, body.auth_users-update
.settings-form .settings-form
border: 1px solid $module-border-color border: 1px solid $module-border-color
background: $module-bg-color background: $module-bg-color

View file

@ -0,0 +1,50 @@
class AuthUsersController < ApplicationController
before_action :authenticate_user!, except: [:new, :create]
def create
@auth_user = AuthUser.create(auth_user_params)
if @auth_user.persisted?
sign_in :auth_user, @auth_user
flash[:notice] = "Welcome to Dress to Impress, #{@auth_user.name}! 💖"
redirect_to root_path
else
render action: :new, status: :unprocessable_entity
end
end
def edit
@auth_user = current_auth_user
end
def new
@auth_user = AuthUser.new
end
def update
@auth_user = load_auth_user
if @auth_user.update_with_password(auth_user_params)
flash[:notice] = "Settings successfully saved."
redirect_to action: :edit
else
render action: :edit, status: :unprocessable_entity
end
end
private
def auth_user_params
params.require(:auth_user).permit(:name, :email, :password,
:password_confirmation, :current_password)
end
def load_auth_user
# Well, what we *actually* do is just use `current_auth_user`, and enforce
# that the provided user ID matches. The user ID param is only really for
# REST semantics and such!
raise AccessDenied unless auth_user_signed_in?
raise AccessDenied unless current_auth_user.id == params[:id].to_i
current_auth_user
end
end

View file

@ -1,8 +1,8 @@
<h2>Settings</h2> <h2>Settings</h2>
<%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put, class: "settings-form" }) do |f| %> <%= form_with(model: @auth_user, method: :put, class: "settings-form") do |f| %>
<h2>Your info</h2> <h2>Your info</h2>
<%= render "devise/shared/error_messages", resource: resource %> <%= render "devise/shared/error_messages", resource: @auth_user %>
<fieldset> <fieldset>
<div class="field"> <div class="field">
@ -52,11 +52,11 @@
</div> </div>
<% end %> <% end %>
<% if resource.uses_neopass? %> <% if @auth_user.uses_neopass? %>
<%= form_with url: user_neopass_connection_path(resource.user), method: :delete, <%= form_with url: user_neopass_connection_path(@auth_user.user),
class: "settings-form", data: { method: :delete, class: "settings-form", data: {
turbo_confirm: "Are you sure? Without a NeoPass, you'll need to use " + turbo_confirm: "Are you sure? Without a NeoPass, you'll need to use " +
"your password or your recovery email \"#{resource.email}\" to " + "your password or your recovery email \"#{@auth_user.email}\" to " +
"log in again.\n\nMake sure you have everything all set up first! " + "log in again.\n\nMake sure you have everything all set up first! " +
"Otherwise, you might be locked out of this account forever!" "Otherwise, you might be locked out of this account forever!"
} do |form| } do |form|
@ -66,7 +66,7 @@
<strong> <strong>
NeoPass ID: NeoPass ID:
</strong> </strong>
<%= resource.neopass_friendly_id %> <%= @auth_user.neopass_friendly_id %>
</section> </section>
<section class="neopass-explanation"> <section class="neopass-explanation">
<p> <p>
@ -75,26 +75,26 @@
you can still use "Forgot your password?" to recover your Dress to you can still use "Forgot your password?" to recover your Dress to
Impress account, using the Email saved in "Your info". Impress account, using the Email saved in "Your info".
</p> </p>
<% if !resource.uses_password? && !resource.email %> <% if !@auth_user.uses_password? && !@auth_user.email %>
<p> <p>
You can't remove this NeoPass yet, because you need to either set a You can't remove this NeoPass yet, because you need to either set a
password or a recovery email first. (Ideally both!) password or a recovery email first. (Ideally both!)
</p> </p>
<% elsif !resource.uses_password? %> <% elsif !@auth_user.uses_password? %>
<p> <p>
Be extra careful here! Your account doesn't have a password set. Be extra careful here! Your account doesn't have a password set.
</p> </p>
<% elsif !resource.email? %> <% elsif !@auth_user.email? %>
<p> <p>
Be extra careful here! Your account doesn't have an email set. Be extra careful here! Your account doesn't have an email set.
</p> </p>
<% end %> <% end %>
</section> </section>
<%= form.submit "Disconnect your NeoPass", <%= form.submit "Disconnect your NeoPass",
disabled: !resource.uses_password? && !resource.email? %> disabled: !@auth_user.uses_password? && !@auth_user.email? %>
<% end %> <% end %>
<% end %> <% end %>
<% content_for :stylesheets do %> <% content_for :stylesheets do %>
<%= stylesheet_link_tag "devise/registrations/edit" %> <%= stylesheet_link_tag "auth_users/edit" %>
<% end %> <% end %>

View file

@ -1,7 +1,7 @@
<h2>Sign up</h2> <h2>Sign up</h2>
<%= form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %> <%= form_with(model: @auth_user, method: :post) do |f| %>
<%= render "devise/shared/error_messages", resource: resource %> <%= render "devise/shared/error_messages", resource: @auth_user %>
<p> <p>
Choose a username, and an email address we can use to reset your password. Choose a username, and an email address we can use to reset your password.

View file

@ -1,19 +1,11 @@
<%- if controller_name != 'sessions' %> <%- if controller_name != 'sessions' %>
<%= link_to "Log in", new_session_path(resource_name) %><br /> <%= link_to "Log in", new_auth_user_session_path %><br />
<% end %> <% end %>
<%- if devise_mapping.registerable? && controller_name != 'registrations' %> <%- if controller_name != 'auth_users' %>
<%= link_to "Sign up", new_registration_path(resource_name) %><br /> <%= link_to "Sign up", new_auth_user_path %><br />
<% end %> <% end %>
<%- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations' %> <%- if controller_name != 'passwords' && controller_name != 'registrations' %>
<%= link_to "Forgot your password?", new_password_path(resource_name) %><br /> <%= link_to "Forgot your password?", new_auth_user_password_path %><br />
<% end %>
<%- if devise_mapping.confirmable? && controller_name != 'confirmations' %>
<%= link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name) %><br />
<% end %>
<%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %>
<%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %><br />
<% end %> <% end %>

View file

@ -49,7 +49,7 @@
= userbar_contributions_summary(current_user) = userbar_contributions_summary(current_user)
= link_to t('.userbar.items'), user_closet_hangers_path(current_user), :id => 'userbar-items-link' = link_to t('.userbar.items'), user_closet_hangers_path(current_user), :id => 'userbar-items-link'
= link_to t('.userbar.outfits'), current_user_outfits_path = link_to t('.userbar.outfits'), current_user_outfits_path
= link_to t('.userbar.settings'), edit_auth_user_registration_path = link_to t('.userbar.settings'), edit_auth_user_path
= button_to t('.userbar.logout'), destroy_auth_user_session_path, method: :delete, = button_to t('.userbar.logout'), destroy_auth_user_session_path, method: :delete,
params: {return_to: request.fullpath} params: {return_to: request.fullpath}
- else - else

View file

@ -2,7 +2,9 @@ OpenneoImpressItems::Application.routes.draw do
root :to => 'outfits#new' root :to => 'outfits#new'
# Login and account management! # Login and account management!
devise_for :auth_users, path: "users" devise_for :auth_users, path: "users", skip: [:registrations]
resources :auth_users, only: [:new, :create, :update]
get '/users/edit', to: 'auth_users#edit', as: 'edit_auth_user'
# The outfit editor! # The outfit editor!
# TODO: It's a bit silly that outfits/new points to outfits#edit. # TODO: It's a bit silly that outfits/new points to outfits#edit.