Class: ReceptionController

Inherits:
ApplicationController
  • Object
Defined in:
app/controllers/reception_controller.rb

Instance Method Summary collapse

Instance Method Details

#change_your_password ⇒ Object



# File 'app/controllers/reception_controller.rb', line 159

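# Shows the "change your password" form for the user whose reset token is
# carried in params[:password_reset_token]; redirects to the email-input page
# with an alert when no user matches.
#
# NOTE(review): the token's age is not checked here. The only expiry check for
# the reset flow visible in this file is in #password_reset, which selects the
# user by params[:id] rather than by this token. Confirm the rendered form
# submits the token so the update step can verify it too.
def change_your_password
  # Never let a missing or blank token reach the query: find_by(column: nil)
  # matches rows whose token column is NULL. to_s also collapses array/hash
  # parameters into a single string that cannot match a stored token.
  token = params[:password_reset_token].to_s
  @user = token.blank? ? nil : User.find_by(password_reset_token: token)
  return if @user.present?

  redirect_to email_input_url, alert: "We were unable to find the record in the database. Please restart the process and make sure you are using a valid email address."
end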

#create_your_password ⇒ Object



# File 'app/controllers/reception_controller.rb', line 87

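# Shows the "create your password" form for the user whose creation token is
# carried in params[:password_creation_token]; redirects to the email-input
# page with an alert when no user matches.
#
# NOTE(review): the token's age is not checked here. The expiry check visible
# in this file is in #password_creation, which selects the user by params[:id]
# rather than by this token. Confirm the rendered form submits the token so the
# update step can verify it too.
def create_your_password
  # Never let a missing or blank token reach the query: find_by(column: nil)
  # matches rows whose token column is NULL. to_s also collapses array/hash
  # parameters into a single string that cannot match a stored token.
  token = params[:password_creation_token].to_s
  @user = token.blank? ? nil : User.find_by(password_creation_token: token)
  return if @user.present?

  redirect_to email_input_url, alert: "We were unable to find the record in the database. Please restart the process and make sure you are using a valid email address."
end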

#disconnect ⇒ Object



# File 'app/controllers/reception_controller.rb', line 191

# Logs the visitor out: removes the auth_token cookie, then redirects to the
# page remembered in the session (falling back to the root URL) with the
# logout confirmation notice.
#
# NOTE(review): only the browser cookie is removed. Nothing in this action
# rotates a server-side token or resets the session. If the cookie holds a
# long-lived per-user token (TODO confirm), regenerate it on logout so a copied
# value stops working.
# NOTE(review): session[:target_page] is used as the redirect destination
# as-is; confirm that whatever writes it only stores same-site paths.
def disconnect
  cookies.delete(:auth_token)
  destination = session[:target_page] || root_url
  redirect_to destination, notice: t('authentication.logout_confirmation')
  # Runs after the redirect target has been read; presumably clears
  # session[:target_page] (helper defined elsewhere).
  destroy_target_page
end

#email_input ⇒ Object



# File 'app/controllers/reception_controller.rb', line 9

# Email-input page of the reception flow. The action does no work of its own;
# the response is left to the framework's default rendering for this action.
def email_input; end

#email_validation ⇒ Object



# File 'app/controllers/reception_controller.rb', line 68

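# Handles the link from the validation email. Looks the user up by
# params[:token], accepts the token when it was sent within the last hour,
# marks the email as validated, and forwards the user either to password
# creation (no password yet) or to the password prompt.
#
# Redirects to the email-input page with an alert when the token is missing,
# unknown, expired, or the record cannot be saved.
#
# NOTE(review): the validation token is not cleared after a successful use in
# this action, so the same link stays usable until the hour elapses. Confirm
# whether it is invalidated elsewhere.
# NOTE(review): for users who already have a password the redirect puts
# @user.auth_token in the query string. #disconnect deletes a cookie named
# auth_token, so if this is the same value a session credential ends up in
# browser history, server logs and Referer headers. Prefer a separate
# short-lived, single-purpose identifier for this hand-off.
def email_validation
  # A blank token must not reach the query: a nil value would match rows whose
  # token column is NULL. to_s collapses array/hash parameters as well.
  token = params[:token].to_s
  @user = token.blank? ? nil : User.find_by(email_validation_token: token)
  sent_at = @user && @user.email_validation_token_sent_at

  if sent_at.nil?
    # Unknown token, or a record without a timestamp (previously a
    # NoMethodError on nil).
    redirect_to email_input_url, alert: "We were unable to validate your email. Please try again and make sure you are using a valid email address."
  elsif sent_at < Time.zone.now - 1.hour
    redirect_to email_input_url, alert: "Your verification token was created over an hour ago. Please restart the process."
  else
    @user.email_validated = true
    unless @user.save
      # Do not continue the flow as "validated" when the flag was not persisted.
      redirect_to email_input_url, alert: "We were unable to validate your email. Please try again and make sure you are using a valid email address."
      return
    end

    if @user.has_a_password?
      redirect_to enter_your_password_path(auth_token: @user.auth_token)
    else
      set_password_creation_token
      flash[:notice] = "Your email has been validated. There is 1 last step!"
      redirect_to create_your_password_path(password_creation_token: @user.password_creation_token)
    end
  end
end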

#enter_your_password ⇒ Object



# File 'app/controllers/reception_controller.rb', line 119

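# Shows the password prompt for the user identified by params[:auth_token].
# Redirects to the email-input page when the token is missing or unknown, in
# line with #change_your_password and #create_your_password.
#
# NOTE(review): the lookup key arrives in the URL. #disconnect deletes a cookie
# named auth_token; if that cookie holds the same value, the session credential
# is being used as a page locator and will leak through history, logs and
# Referer headers. Prefer a separate short-lived identifier for this step.
def enter_your_password
  # A blank token must not reach the query: find_by(auth_token: nil) matches
  # rows whose auth_token column is NULL.
  token = params[:auth_token].to_s
  @user = User.find_by(auth_token: token) if token.present?
  return if @user

  redirect_to email_input_url, alert: "We were unable to find the record in the database. Please restart the process and make sure you are using a valid email address."
end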

#i_forgot_my_password ⇒ Object



# File 'app/controllers/reception_controller.rb', line 146

# "I forgot my password" page. The action does no work of its own; the response
# is left to the framework's default rendering for this action.
def i_forgot_my_password; end

#parse_email ⇒ Object



# File 'app/controllers/reception_controller.rb', line 12

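# First step of the reception flow: takes the submitted email address and
# decides which pathway the visitor follows. Sets @status for the view to one
# of:
#   'blank_email'           - no address submitted
#   'email_validation'      - new record created, or existing unvalidated
#                             address; a validation email is sent
#   'no_user_save'          - the new record could not be saved
#   'password_confirmation' - validated address without a password; a
#                             password-creation email is sent
#   'enter_password'        - validated address with a password
#
# NOTE(review): the distinct statuses and messages tell an unauthenticated
# visitor whether an address is registered, validated and has a password.
# Decide whether that disclosure is acceptable, and rate-limit this action
# since it also sends email on request.
# NOTE(review): the HTML 'enter_password' branch redirects with
# @user.auth_token in the query string for whatever address was submitted.
# #disconnect deletes a cookie named auth_token; if that is the same value, a
# session credential is handed out before any password check. Use a separate
# short-lived identifier for the hand-off to the password prompt.
def parse_email
  # params[:user] may be absent or not hash-like on a hand-built request;
  # treat that the same as a blank address instead of raising on nil.
  submitted = params[:user]
  email = submitted.respond_to?(:key?) ? submitted[:email] : nil

  if email.blank?
    @status = 'blank_email'
    respond_to do |format|
      format.html { flash[:alert] = "Your email address cannot be blank." }
      format.js {}
    end
    return
  end

  @user = User.find_by(email: email)

  if @user.blank?
    # Completely new address: create the record and start email validation.
    @user = User.new(user_params)
    if @user.save
      send_validation_email
      @status = 'email_validation'
      respond_to do |format|
        format.html { flash[:notice] = "Your record has been successfully created." }
        format.js {}
      end
    else
      @status = 'no_user_save'
      respond_to do |format|
        format.html { flash[:alert] = "We had problems creating your record. Please try again. Make sure the email address is valid." }
        format.js {}
      end
    end
  elsif !@user.email_validated?
    # Known address that was never validated: send the validation email again.
    send_validation_email
    @status = 'email_validation'
    respond_to do |format|
      format.html { flash[:notice] = "For your security, we need to verify your email address." }
      format.js {}
    end
  elsif @user.has_a_password?
    # Returning user: hand over to the password prompt.
    @status = 'enter_password'
    respond_to do |format|
      format.html { redirect_to enter_your_password_path(auth_token: @user.auth_token) }
      format.js {}
    end
  else
    # Validated address without a password: the user creates one through a
    # link sent by email.
    send_password_creation_security_email
    @status = 'password_confirmation'
    respond_to do |format|
      format.html { flash[:notice] = "There is 1 last step!" }
      format.js {}
    end
  end
end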

#password_checking ⇒ Object



# File 'app/controllers/reception_controller.rb', line 123

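# Checks the submitted password for the user identified by params[:id].
#
# * unknown id          -> alert + redirect to the email-input page
# * email not validated -> validation email is sent, redirect to root
# * wrong password      -> re-renders the password prompt with an alert
# * correct password    -> sets the login notice and calls destroy_target_page
#
# NOTE(review): on success the visible code neither sets a cookie or session
# value nor issues a redirect. Confirm where the login is actually
# established.
# NOTE(review): the unvalidated branch sends an email for any id before any
# credential is checked, and the distinct responses reveal account state by
# id. Consider throttling, and add attempt limiting for the password check;
# none is visible in this action.
def password_checking
  # find_by returns nil for an unknown id. User.find raised
  # ActiveRecord::RecordNotFound instead, which left the "user not found"
  # branch unreachable.
  @user = User.find_by(id: params[:id])

  if @user.nil?
    flash[:alert] = "We were unable to find your email in the database. Please try again and make sure you are using a valid email address."
    redirect_to email_input_url
  elsif !@user.email_validated?
    send_validation_email
    redirect_to root_path, alert: 'Our records show that your email address has not been validated. We need you to do so before letting your log in. Please check your email inbox or spam folder for an validation email.'
  else
    # Tolerate a request without a user[...] hash: an empty password simply
    # fails authentication instead of raising on nil.
    submitted = params[:user]
    password = submitted.respond_to?(:key?) ? submitted[:password].to_s : ''

    if @user.authenticate(password)
      flash[:notice] = t('authentication.login_confirmation')
      destroy_target_page
    else
      flash.now.alert = t('authentication.warning.email_or_password_invalid')
      render "enter_your_password"
    end
  end
end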

#password_creation ⇒ Object



# File 'app/controllers/reception_controller.rb', line 94

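# Stores the first password for the user identified by params[:id], provided
# the password and its confirmation match and the password-creation token was
# sent within the last hour.
#
# NOTE(review): the record is selected by params[:id] alone, and
# password_creation_token is never compared in this action, so the one-hour
# timestamp is the only gate visible here. The form should submit the token,
# and this action should look the user up by it and clear it after a successful
# update.
# NOTE(review): the success message says the user has been logged in, but no
# cookie or session value is set in the visible code. Confirm where that
# happens.
def password_creation
  # find_by returns nil for an unknown id. User.find raised
  # ActiveRecord::RecordNotFound instead, which left the "user is blank" branch
  # unreachable.
  @user = User.find_by(id: params[:id])
  if @user.blank?
    redirect_to email_input_path, alert: 'We could not find this user record in our database. Please start the process over.'
    return
  end

  # Tolerate a request without a user[...] hash instead of raising on nil.
  submitted = params[:user]
  password = submitted.respond_to?(:key?) ? submitted[:password] : nil
  confirmation = submitted.respond_to?(:key?) ? submitted[:password_confirmation] : nil

  if password.blank? || password != confirmation
    # :back needs a Referer header; fall back to the root path without one.
    fallback = request.env["HTTP_REFERER"].present? ? :back : root_path
    redirect_to fallback, alert: 'Your password cannot be blank and the password should be identical to the password confirmation. Please try again.'
    return
  end

  # A record without a timestamp is treated as expired rather than raising.
  sent_at = @user.password_creation_token_sent_at
  if sent_at.nil? || sent_at < Time.zone.now - 1.hour
    redirect_to email_input_path, alert: 'Sorry, your password_creation_token has expired. To protect your privacy and ensure your security, we need to ask you to start the process over again. The token, when created, expires after 1 hour!'
    return
  end

  if @user.update(user_params)
    flash[:notice] = "Your new password was created and you have been logged in."
    redirect_to session[:target_page] || root_path
    destroy_target_page
  else
    flash[:alert] = "Some problems occurred while trying to create your password"
    # Render the template by name. The bare identifier invoked the
    # #create_your_password action method, which re-ran its lookup and could
    # itself redirect.
    render "create_your_password"
  end
end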

#password_reset ⇒ Object



# File 'app/controllers/reception_controller.rb', line 166

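# Replaces the password of the user identified by params[:id], provided the
# new password and its confirmation match and the reset email was sent within
# the last hour.
#
# NOTE(review): the record is selected by params[:id] alone, and
# password_reset_token is never compared in this action, so the one-hour
# timestamp is the only gate visible here. The form should submit the token,
# and this action should look the user up by it and clear it after a successful
# update.
# NOTE(review): the success message says the user has been logged in, but no
# cookie or session value is set in the visible code. Confirm where that
# happens.
def password_reset
  # find_by returns nil for an unknown id. User.find raised
  # ActiveRecord::RecordNotFound instead, which left the "user is blank" branch
  # unreachable.
  @user = User.find_by(id: params[:id])
  if @user.blank?
    redirect_to email_input_path, alert: 'We could not find this user record in our database. Please start the process over.'
    return
  end

  # Tolerate a request without a user[...] hash instead of raising on nil.
  submitted = params[:user]
  password = submitted.respond_to?(:key?) ? submitted[:password] : nil
  confirmation = submitted.respond_to?(:key?) ? submitted[:password_confirmation] : nil

  if password.blank? || password != confirmation
    # Same Referer guard as #password_creation, so a request without that
    # header still gets a redirect.
    fallback = request.env["HTTP_REFERER"].present? ? :back : root_path
    redirect_to fallback, alert: 'Your password cannot be blank and the password should be identical to the password confirmation. Please try again.'
    return
  end

  # A record without a timestamp is treated as expired rather than raising.
  sent_at = @user.password_reset_sent_at
  if sent_at.nil? || sent_at < Time.zone.now - 1.hour
    redirect_to email_input_path, alert: 'Sorry, your password_reset_token has expired. To protect your privacy and ensure your security, we need to ask you to start the process over again. The token, when created, expires after 1 hour!'
    return
  end

  if @user.update(user_params)
    flash[:notice] = "Your password was changed and you have been logged in."
    redirect_to session[:target_page] || root_path
    destroy_target_page
  else
    flash[:alert] = "Some problems occurred while trying to change your password. Please try again."
    # Render the template by name. The bare identifier invoked the
    # #change_your_password action method, which re-ran its lookup and could
    # itself redirect.
    render "change_your_password"
  end
end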

#request_new_password ⇒ Object



# File 'app/controllers/reception_controller.rb', line 149

# Starts the forgotten-password flow for the address in params[:user][:email].
# A known address gets the new-password request email and the action falls
# through to its default rendering (the confirmation screen). An unknown
# address is sent back to the "I forgot my password" page with an alert.
#
# NOTE(review): the two outcomes differ visibly, which tells an unauthenticated
# visitor whether an address is registered. A uniform response for both cases
# avoids that disclosure. No rate limiting is visible here even though the
# action sends email on request.
def request_new_password
  @user = User.find_by(email: params[:user][:email])

  unless @user
    redirect_to i_forgot_my_password_path, alert: "We could not find a user with this email address: #{params[:user][:email]}. Please try again."
    return
  end

  send_new_password_request_email
end