Class: Decidim::Devise::SessionsController

Inherits:
Devise::SessionsController
  • Object
show all
Includes:
Decidim::DeviseControllers
Defined in:
app/controllers/decidim/devise/sessions_controller.rb

Overview

Custom Devise SessionsController to avoid namespace problems.

Instance Method Summary collapse

Instance Method Details

#after_sign_in_path_for(user) ⇒ Object



38
39
40
41
42
43
44
45
46
47
48
# File 'app/controllers/decidim/devise/sessions_controller.rb', line 38

def (user)
  if user.present? && user.blocked?
    check_user_block_status(user)
  elsif user.needs_password_update?
    change_password_path
  elsif (user) && !user.admin? && !pending_redirect?(user)
    decidim_verifications.
  else
    super
  end
end

#after_sign_out_path_for(user) ⇒ Object



62
63
64
# File 'app/controllers/decidim/devise/sessions_controller.rb', line 62

def after_sign_out_path_for(user)
  request.referer || super
end

#createObject



11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# File 'app/controllers/decidim/devise/sessions_controller.rb', line 11

def create
  super do |user|
    if user.admin?
      # Check that the admin password passes the validation and clear the
      # `password_updated_at` field when the password is weak to force a
      # password update on the user.
      #
      # Handles a case when the user registers through the registration
      # form and they are promoted to an admin after that. In this case,
      # the newly promoted admin user would otherwise have to change their
      # password straight away even if they originally registered with a
      # strong password.
      validator = PasswordValidator.new({ attributes: :password })
      user.update!(password_updated_at: nil) unless validator.validate_each(user, :password, [:password])
    end
  end
end

#destroyObject



29
30
31
32
33
34
35
36
# File 'app/controllers/decidim/devise/sessions_controller.rb', line 29

def destroy
  current_user.invalidate_all_sessions!
  if params[:translation_suffix].present?
    super { set_flash_message! :notice, params[:translation_suffix], { scope: "decidim.devise.sessions" } }
  else
    super
  end
end

#first_login_and_not_authorized?(user) ⇒ Boolean

Returns:

  • (Boolean)


58
59
60
# File 'app/controllers/decidim/devise/sessions_controller.rb', line 58

def (user)
  user.is_a?(User) && user. == 1 && current_organization.available_authorizations.any? && user.verifiable?
end

#pending_redirect?(user) ⇒ Boolean

Calling the ‘stored_location_for` method removes the key, so in order to check if there’s any pending redirect after login I need to call this method and use the value to set a pending redirect. This is the only way to do this without checking the session directly.

Returns:

  • (Boolean)


54
55
56
# File 'app/controllers/decidim/devise/sessions_controller.rb', line 54

def pending_redirect?(user)
  store_location_for(user, stored_location_for(user))
end