dice/impress
1
0
Fork 0
forked from OpenNeo/impress
Code Pull requests Activity
impress/app/views/auth_users/edit.html.erb
Emi Matchu 95c1a4f391 Fix bugs in Settings page when changes to the model are incomplete 
Ahh okay tricky lil thing: if you show the settings page with a partial
change to `AuthUser` that didn't get saved, it can throw off the state
of some stuff. For example, if you don't have a password yet, then
enter a new password but leave the confirmation box blank, then you'll
correctly see "Password confirmation can't be blank", but you'll *also*
then be prompted for your "Current password", even though you don't
have one yet, because `@auth_user.uses_password?` is true now.

In this change, we extend the Settings form to use two copies of the
`AuthUser`. One is the copy with changes on it, and the other is the
"persisted" copy, which we check for parts of the UI that care about
what's actually saved, vs form state.
2024-04-09 06:34:06 -07:00

119 lines
4.1 KiB
Text
Raw Blame History

<h2>Settings</h2>
<%= form_with(model: @auth_user, method: :put, class: "settings-form") do |f| %>
<h2>Your info</h2>
<%= render "devise/shared/error_messages", resource: @auth_user %>
<fieldset>
<div class="field">
<%= f.label :name, 'DTI Username' %>
<span class="hint">Use this to log in to Dress to Impress!</span>
<br />
<%= f.text_field :name, autocomplete: "username" %>
</div>
<div class="field">
<%= f.label :email %>
<span class="hint">This can help you recover your account later.</span>
<br />
<%= f.email_field :email, autocomplete: "email" %>
</div>
</fieldset>
<fieldset>
<div class="field">
<%= f.label :password, "New password" %>
<span class="hint">Leave blank if you don't want to change it.</span>
<br />
<%= f.password_field :password, autocomplete: "new-password" %>
<% if @minimum_password_length %>
<br />
<span class="hint"><%= @minimum_password_length %> characters minimum</span>
<% end %>
</div>
<div class="field">
<%= f.label :password_confirmation, "New password confirmation" %><br />
<%= f.password_field :password_confirmation, autocomplete: "new-password" %>
</div>
</fieldset>
<%# Current password is only required if you have one! %>
<% if @persisted_auth_user.uses_password? %>
<fieldset>
<div class="field">
<%= f.label :current_password %>
<span class="hint">We need your current password to confirm your changes.</span>
<br />
<%= f.password_field :current_password, autocomplete: "current-password" %>
</div>
</fieldset>
<% end %>
<div class="actions">
<%= f.submit "Save changes" %>
</div>
<% end %>
<% if @persisted_auth_user.uses_neopass? %>
<%= form_with url: user_neopass_connection_path(@auth_user.user),
method: :delete, class: "settings-form", data: {
turbo_confirm: "Are you sure? Without a NeoPass, you'll need to use " +
"your password or your recovery email " +
"\"#{@persisted_auth_user.email}\" to log in again.\n\nMake sure " +
"you have everything all set up first! Otherwise, you might be " +
"locked out of this account forever!"
} do |form|
%>
<h2>Your NeoPass</h2>
<section class="neopass-info">
<strong>
NeoPass ID:
</strong>
<%= @persisted_auth_user.neopass_friendly_id %>
</section>
<section class="neopass-explanation">
<p>
You can log into your Dress to Impress account with NeoPass, or with
your username and password. If you ever lose access to your NeoPass,
you can still use "Forgot your password?" to recover your Dress to
Impress account, using the Email saved in "Your info".
</p>
<% if !@persisted_auth_user.uses_password? && !@persisted_auth_user.email? %>
<p>
You can't remove this NeoPass yet, because you need to either set a
password or a recovery email first. (Ideally both!)
</p>
<% elsif !@persisted_auth_user.uses_password? %>
<p>
Be extra careful here! Your account doesn't have a password set.
</p>
<% elsif !@persisted_auth_user.email? %>
<p>
Be extra careful here! Your account doesn't have an email set.
</p>
<% end %>
</section>
<%= form.submit "Disconnect your NeoPass",
disabled: !@persisted_auth_user.uses_password? &&
!@persisted_auth_user.email? %>
<% end %>
<% elsif can_use_neopass %>
<%= form_with url: auth_user_neopass_omniauth_authorize_path(intent: "connect"),
method: :post, class: "settings-form", data: {turbo: false} do |form|
%>
<h2>Your NeoPass</h2>
<section class="neopass-explanation">
<p>
If you connect a NeoPass, you can use it to log into this DTI account!
You'll still be able to use your password to log in too, and you can
disconnect this later if you'd like.
</p>
</section>
<%= form.submit "Connect your NeoPass" %>
<% end %>
<% end %>
<% content_for :stylesheets do %>
<%= stylesheet_link_tag "auth_users/edit" %>
<% end %>
View git blame Copy permalink