forked from OpenNeo/impress
Oops, allow NeoPass to be disconnected if you have no email address
That is, you're required to add a password *or* an email before disconnecting your NeoPass, but idk, I think it's rude to demand an email from someone for the sake of *disconnection*. Email is no longer required for accounts that already exist!
This commit is contained in:
parent
b5e203c0e5
commit
ed89380152
1 changed files with 23 additions and 1 deletions
|
@ -33,7 +33,29 @@ class AuthUser < AuthRecord
|
|||
end
|
||||
|
||||
def email_required?
|
||||
!uses_omniauth?
|
||||
# Email is required when creating a new account from scratch, but it isn't
|
||||
# required when creating a new account via third-party login (e.g. it's
|
||||
# already taken). It's also okay to remove your email address, though this
|
||||
if new_record?
|
||||
# When creating a new account, email is required when building it from
|
||||
# scratch, but not required when using third-party login. This is mainly
|
||||
# because third-party login can't reliably offer an unused email!
|
||||
!uses_omniauth?
|
||||
else
|
||||
# TODO: I had wanted to make email required if you already have one, to
|
||||
# make it harder to accidentally remove? I expected
|
||||
# `email_before_last_save` to be the way to check this, but it
|
||||
# seemed to be `nil` when calling this, go figure! For now, we're
|
||||
# allowing email to be removed.
|
||||
#
|
||||
# NOTE: This is important for the case where you're disconnecting a
|
||||
# NeoPass, but you don't have an email set, because your NeoPass
|
||||
# email already belonged to another account. I don't think it makes
|
||||
# sense to require people to add an alternate real email address in
|
||||
# order to be able to disconnect a NeoPass from a DTI account they
|
||||
# maybe even created by accident!
|
||||
false
|
||||
end
|
||||
end
|
||||
|
||||
def password_required?
|
||||
|
|
Loading…
Reference in a new issue