Class: Lato::AccountController

Inherits:
ApplicationController show all
Defined in:
app/controllers/lato/account_controller.rb

Instance Method Summary collapse

Methods inherited from ApplicationController

#error, #not_found, #offline, #switch_locale

Methods included from Componentable

#lato_index_collection

Methods included from Layoutable

#active_navbar, #active_sidebar, #hide_sidebar, #page_class, #page_classes, #page_title, #show_sidebar

Methods included from Sessionable

#authenticate_session, #limit_requests, #not_authenticate_session, #session_create, #session_destroy

Instance Method Details

#destroy_actionObject 



157
158
159
160
161
162
163
164
165
166
167
168
169
 
# File 'app/controllers/lato/account_controller.rb', line 157

def destroy_action
  respond_to do |format|
    if @session.user.destroy_with_confirmation(params.require(:user).permit(:email_confirmation))
      session_destroy

      format.html { redirect_to lato.root_path }
      format.json { render json: {} }
    else
      format.html { render :index, status: :unprocessable_entity }
      format.json { render json: @session.user.errors, status: :unprocessable_entity }
    end
  end
end

#indexObject 



6
 
# File 'app/controllers/lato/account_controller.rb', line 6

def index; end

#request_verify_email_actionObject 



133
134
135
136
137
138
139
140
141
142
143
 
# File 'app/controllers/lato/account_controller.rb', line 133

def request_verify_email_action
  respond_to do |format|
    if @session.user.request_verify_email
      format.html { redirect_to lato., notice: I18n.t('lato.account_controller.request_verify_email_action_notice') }
      format.json { render json: @session.user }
    else
      format.html { render :index, status: :unprocessable_entity }
      format.json { render json: @session.user.errors, status: :unprocessable_entity }
    end
  end
end

#update_accepted_privacy_policy_version_actionObject 



171
172
173
174
175
176
177
178
179
180
181
 
# File 'app/controllers/lato/account_controller.rb', line 171

def update_accepted_privacy_policy_version_action
  respond_to do |format|
    if @session.user.update_accepted_privacy_policy_version(params.require(:user).permit(:confirm))
      format.html { redirect_to lato. }
      format.json { render json: @session.user }
    else
      format.html { render :index, status: :unprocessable_entity }
      format.json { render json: @session.user.errors, status: :unprocessable_entity }
    end
  end
end

#update_accepted_terms_and_conditions_version_actionObject 



183
184
185
186
187
188
189
190
191
192
193
 
# File 'app/controllers/lato/account_controller.rb', line 183

def update_accepted_terms_and_conditions_version_action
  respond_to do |format|
    if @session.user.update_accepted_terms_and_conditions_version(params.require(:user).permit(:confirm))
      format.html { redirect_to lato. }
      format.json { render json: @session.user }
    else
      format.html { render :index, status: :unprocessable_entity }
      format.json { render json: @session.user.errors, status: :unprocessable_entity }
    end
  end
end

#update_authenticator_actionObject 



20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
 
# File 'app/controllers/lato/account_controller.rb', line 20

def update_authenticator_action
  return respond_to_with_not_found unless Lato.config.authenticator_connection

  if @session.user.authenticator_secret
    respond_to do |format|
      if @session.user.remove_authenticator_secret
        format.html { redirect_to lato. }
        format.json { render json: @session.user }
      else
        format.html { render :index, status: :unprocessable_entity }
        format.json { render json: @session.user.errors, status: :unprocessable_entity }
      end
    end
  else
    respond_to do |format|
      if @session.user.generate_authenticator_secret
        format.html { redirect_to lato. }
        format.json { render json: @session.user }
      else
        format.html { render :index, status: :unprocessable_entity }
        format.json { render json: @session.user.errors, status: :unprocessable_entity }
      end
    end
  end
end

#update_password_actionObject 



145
146
147
148
149
150
151
152
153
154
155
 
# File 'app/controllers/lato/account_controller.rb', line 145

def update_password_action
  respond_to do |format|
    if @session.user.update(params.require(:user).permit(:password, :password_confirmation))
      format.html { redirect_to lato., notice: I18n.t('lato.account_controller.update_password_action_notice') }
      format.json { render json: @session.user }
    else
      format.html { render :index, status: :unprocessable_entity }
      format.json { render json: @session.user.errors, status: :unprocessable_entity }
    end
  end
end

#update_user_actionObject 



8
9
10
11
12
13
14
15
16
17
18
 
# File 'app/controllers/lato/account_controller.rb', line 8

def update_user_action
  respond_to do |format|
    if @session.user.update(params.require(:user).permit(:first_name, :last_name, :email))
      format.html { redirect_to lato., notice: I18n.t('lato.account_controller.update_user_action_notice') }
      format.json { render json: @session.user }
    else
      format.html { render :index, status: :unprocessable_entity }
      format.json { render json: @session.user.errors, status: :unprocessable_entity }
    end
  end
end

#update_web3_actionObject 



95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
 
# File 'app/controllers/lato/account_controller.rb', line 95

def update_web3_action
  return respond_to_with_not_found unless Lato.config.web3_connection

  if @session.user.web3_address
    respond_to do |format|
      if @session.user.remove_web3_connection
        format.html { redirect_to lato. }
        format.json { render json: @session.user }
      else
        format.html { render :index, status: :unprocessable_entity }
        format.json { render json: @session.user.errors, status: :unprocessable_entity }
      end
    end
  elsif session[:web3_nonce]
    respond_to do |format|
      if @session.user.add_web3_connection(params.require(:user).permit(:web3_address, :web3_signed_nonce).merge(web3_nonce: session[:web3_nonce]))
        session[:web3_nonce] = nil
        format.html { redirect_to lato. }
        format.json { render json: @session.user }
      else
        session[:web3_nonce] = nil
        format.html { render :index, status: :unprocessable_entity }
        format.json { render json: @session.user.errors, status: :unprocessable_entity }
      end
    end
  else
    respond_to do |format|
      if session[:web3_nonce] = SecureRandom.hex(32)
        format.html { redirect_to lato. }
        format.json { render json: @session.user }
      else
        format.html { render :index, status: :unprocessable_entity }
        format.json { render json: @session.user.errors, status: :unprocessable_entity }
      end
    end
  end
end

#update_webauthn_actionObject 



46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
 
# File 'app/controllers/lato/account_controller.rb', line 46

def update_webauthn_action
  return respond_to_with_not_found unless Lato.config.webauthn_connection

  respond_to do |format|
    command = params.dig(:user, :webauthn_command)

    case command
    when 'remove'
      if @session.user.remove_webauthn_credential
        reset_webauthn_registration_state
        format.html { redirect_to lato. }
        format.json { render json: @session.user }
      else
        format.html { render :index, status: :unprocessable_entity }
        format.json { render json: @session.user.errors, status: :unprocessable_entity }
      end
    when 'cancel'
      reset_webauthn_registration_state
      format.html { redirect_to lato. }
      format.json { render json: {} }
    when 'complete'
      permitted = params.require(:user).permit(:webauthn_credential)

      if @session.user.register_webauthn_credential(permitted[:webauthn_credential], session[:webauthn_registration_challenge])
        reset_webauthn_registration_state
        format.html { redirect_to lato. }
        format.json { render json: @session.user }
      else
        reset_webauthn_registration_state
        format.html { render :index, status: :unprocessable_entity }
        format.json { render json: @session.user.errors, status: :unprocessable_entity }
      end
    else
      options = @session.user.webauthn_registration_options
      session[:webauthn_registration_challenge] = Base64.strict_encode64(options.challenge)
      session[:webauthn_registration_options] = options.as_json
      format.html { redirect_to lato. }
      format.json { render json: { options: session[:webauthn_registration_options] } }
    end
  end
rescue StandardError => e
  Rails.logger.error(e)
  reset_webauthn_registration_state
  respond_to do |format|
    format.html { render :index, status: :unprocessable_entity }
    format.json { render json: { error: :webauthn_unexpected_error }, status: :unprocessable_entity }
  end
end