Class: ReceptionController
- Inherits:
-
ApplicationController
- Object
- ApplicationController
- ReceptionController
- Defined in:
- app/controllers/reception_controller.rb
Instance Method Summary collapse
- #change_your_password ⇒ Object
- #create_your_password ⇒ Object
- #disconnect ⇒ Object
- #email_input ⇒ Object
- #email_validation ⇒ Object
- #enter_your_password ⇒ Object
- #i_forgot_my_password ⇒ Object
- #parse_email ⇒ Object
- #password_checking ⇒ Object
- #password_creation ⇒ Object
- #password_reset ⇒ Object
- #request_new_password ⇒ Object
Instance Method Details
#change_your_password ⇒ Object
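# File 'app/controllers/reception_controller.rb', line 159
# Loads the user that owns the password-reset token passed in
# params[:password_reset_token] into @user. When no user matches, redirects to
# email_input_url with an alert.
#
# A missing or blank token is rejected before the query: an unguarded
# find_by(password_reset_token: nil) would match a record whose token column
# is NULL.
#
# NOTE(review): the age of the token is not checked in this action; the only
# expiry check visible for the reset flow is the timestamp test in
# #password_reset.
def change_your_password
  token = params[:password_reset_token]
  @user = token.present? ? User.find_by(password_reset_token: token) : nil
  return if @user.present?

  redirect_to email_input_url, alert: "We were unable to find the record in the database. Please restart the process and make sure you are using a valid email address."
end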
#create_your_password ⇒ Object
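# File 'app/controllers/reception_controller.rb', line 87
# Loads the user that owns the password-creation token passed in
# params[:password_creation_token] into @user. When no user matches, redirects
# to email_input_url with an alert.
#
# A missing or blank token is rejected before the query: an unguarded
# find_by(password_creation_token: nil) would match a record whose token
# column is NULL.
#
# NOTE(review): the age of the token is not checked in this action; the only
# expiry check visible for this flow is the timestamp test in
# #password_creation.
def create_your_password
  token = params[:password_creation_token]
  @user = token.present? ? User.find_by(password_creation_token: token) : nil
  return if @user.present?

  redirect_to email_input_url, alert: "We were unable to find the record in the database. Please restart the process and make sure you are using a valid email address."
end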
#disconnect ⇒ Object
# File 'app/controllers/reception_controller.rb', line 191 def disconnect .delete(:auth_token) redirect_to session[:target_page] || root_url, notice: t('authentication.logout_confirmation') destroy_target_page end |
#email_input ⇒ Object
# File 'app/controllers/reception_controller.rb', line 9
# First screen of the reception flow. The action has no body of its own, so
# the response comes from the framework's default rendering for this action.
def email_input; end
#email_validation ⇒ Object
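# File 'app/controllers/reception_controller.rb', line 68
# Confirms an email address from the token carried in params[:token].
#
# * Token matches a user and was sent within the last hour: the user is marked
#   email_validated, then redirected to password creation (no password yet) or
#   to the password prompt.
# * Token matches but is older than an hour, or has no recorded send time:
#   redirect to email_input_url with the "restart the process" alert.
# * No match, or a blank token: redirect to email_input_url with the generic
#   alert.
def email_validation
  token = params[:token]
  # Reject a blank token before querying; the lookup would otherwise match
  # users whose email_validation_token column is NULL.
  @user = token.present? ? User.where(email_validation_token: token).first : nil

  if @user.nil?
    redirect_to email_input_url, alert: "We were unable to validate your email. Please try again and make sure you are using a valid email address."
    return
  end

  sent_at = @user.email_validation_token_sent_at
  # A missing timestamp counts as expired instead of raising on nil.
  unless sent_at && sent_at >= Time.zone.now - 1.hour
    redirect_to email_input_url, alert: "Your verification token was created over an hour ago. Please restart the process."
    return
  end

  @user.email_validated = true
  # NOTE(review): the result of save is not checked, and no clearing of the
  # validation token is visible in this action, so the same link appears to
  # stay usable until the hour has passed -- confirm.
  @user.save

  if @user.has_a_password?
    # NOTE(review): this places the user's auth_token in a URL, where it can
    # end up in browser history, server logs and Referer headers. #disconnect
    # deletes an :auth_token entry, so this may be the login credential itself;
    # confirm, and prefer a short-lived single-purpose value here.
    redirect_to enter_your_password_path(auth_token: @user.auth_token)
  else
    set_password_creation_token
    flash[:notice] = "Your email has been validated. There is 1 last step!"
    redirect_to create_your_password_path(password_creation_token: @user.password_creation_token)
  end
end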
#enter_your_password ⇒ Object
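# File 'app/controllers/reception_controller.rb', line 119
# Loads the user identified by params[:auth_token] into @user for the password
# prompt. @user is nil when the token is missing, blank or unknown.
#
# A blank token is rejected before the query so that
# find_by(auth_token: nil) cannot match a record whose auth_token is NULL.
#
# NOTE(review): the auth_token reaches this action as a request parameter
# (#parse_email and #email_validation build the URL with it). #disconnect
# deletes an :auth_token entry, so this may be the same value that keeps a
# user logged in -- confirm, and prefer a short-lived, single-purpose
# identifier for this step.
def enter_your_password
  token = params[:auth_token]
  @user = token.present? ? User.find_by(auth_token: token) : nil
end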
#i_forgot_my_password ⇒ Object
# File 'app/controllers/reception_controller.rb', line 146
# "Forgot my password" screen. The action has no body of its own, so the
# response comes from the framework's default rendering for this action.
def i_forgot_my_password; end
#parse_email ⇒ Object
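# File 'app/controllers/reception_controller.rb', line 12
# Entry point of the reception flow: takes params[:user][:email] and decides
# which step comes next, recording it in @status.
#
#   'blank_email'           - no address submitted
#   'email_validation'      - new record created, or known but unvalidated
#                             address; a validation email is sent
#   'no_user_save'          - the new record could not be saved
#   'enter_password'        - validated user with a password
#   'password_confirmation' - validated user without a password; a
#                             password-creation email is sent
#
# NOTE(review): each state produces a different response, so this endpoint
# presumably tells any visitor whether an address is registered, validated
# and has a password (depends on what the .js/.html templates show for
# @status -- confirm). Every call for an unknown or unvalidated address also
# sends an email; no throttling is visible in this action.
def parse_email
  # A request without a :user hash is handled like a blank address instead of
  # raising on nil.
  email = params[:user] && params[:user][:email]
  if email.blank?
    @status = 'blank_email'
    respond_to do |format|
      format.html { flash[:alert] = "Your email address cannot be blank." }
      format.js {}
    end
    return
  end

  @user = User.find_by(email: email)

  if @user.blank?
    # Completely new address: create the record, then ask for confirmation.
    @user = User.new(user_params)
    if @user.save
      send_validation_email
      @status = 'email_validation'
      respond_to do |format|
        format.html { flash[:notice] = "Your record has been successfully created." }
        format.js {}
      end
    else
      # The record could not be saved for some reason.
      @status = 'no_user_save'
      respond_to do |format|
        format.html { flash[:alert] = "We had problems creating your record. Please try again. Make sure the email address is valid." }
        format.js {}
      end
    end
  elsif !@user.email_validated?
    # Known address that was never confirmed: send the validation email again.
    send_validation_email
    @status = 'email_validation'
    respond_to do |format|
      format.html { flash[:notice] = "For your security, we need to verify your email address." }
      format.js {}
    end
  elsif @user.has_a_password?
    @status = 'enter_password'
    respond_to do |format|
      # NOTE(review): the only input at this point is an email address, yet the
      # redirect URL carries that user's auth_token. #disconnect deletes an
      # :auth_token entry, so this may be the value that keeps a user logged
      # in -- confirm, and hand over a short-lived, single-purpose identifier
      # instead of a credential.
      format.html { redirect_to enter_your_password_path(auth_token: @user.auth_token) }
      format.js {}
    end
  else
    # Validated user without a password: the password is created through an
    # emailed link.
    send_password_creation_security_email
    @status = 'password_confirmation'
    respond_to do |format|
      format.html { flash[:notice] = "There is 1 last step!" }
      format.js {}
    end
  end
end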
#password_checking ⇒ Object
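# File 'app/controllers/reception_controller.rb', line 123
# Checks the password submitted from the password prompt for the user named by
# params[:id].
#
# * unknown id: alert and redirect to email_input_url
# * email not validated: validation email is sent again, redirect to root_path
# * password accepted: the user is logged in and redirected
# * password rejected: the prompt is rendered again with a warning
#
# NOTE(review): no limit on failed attempts is visible in this action; confirm
# that throttling or lockout exists elsewhere.
def password_checking
  # find_by returns nil for an unknown id, which makes the "not found" branch
  # reachable; User.find raises instead of returning nil.
  @user = User.find_by(id: params[:id])
  if @user.nil?
    flash[:alert] = "We were unable to find your email in the database. Please try again and make sure you are using a valid email address."
    redirect_to email_input_url
    return
  end

  unless @user.email_validated?
    # NOTE(review): this branch runs before any password check, so a request
    # that names an unvalidated account sends an email without proving
    # knowledge of the password -- consider throttling it.
    send_validation_email
    redirect_to root_path, alert: 'Our records show that your email address has not been validated. We need you to do so before letting your log in. Please check your email inbox or spam folder for an validation email.'
    return
  end

  # A request without a :user hash is treated as a wrong password instead of
  # raising on nil.
  submitted_password = params[:user] && params[:user][:password]
  if @user.authenticate(submitted_password)
    login_the_user
    flash[:notice] = t('authentication.login_confirmation')
    redirect_user_upon_successful_login
    destroy_target_page
  else
    # Most likely a wrong password.
    flash.now.alert = t('authentication.warning.email_or_password_invalid')
    render "enter_your_password"
  end
end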
#password_creation ⇒ Object
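# File 'app/controllers/reception_controller.rb', line 94
# Stores the first password for the user named by params[:id], then logs the
# user in.
#
# Checks, in order: the user exists; the password is present and equals its
# confirmation; password_creation_token_sent_at is less than an hour old.
#
# NOTE(review): the password-creation token itself is never compared here.
# The account is selected by params[:id] and the only gate is the timestamp,
# so the request does not prove possession of the emailed link. Look the user
# up by the token (as #create_your_password does) and invalidate the token
# after a successful update.
def password_creation
  # find_by returns nil for an unknown id, which makes the "not found" branch
  # reachable; User.find raises instead of returning nil.
  @user = User.find_by(id: params[:id])
  if @user.nil?
    redirect_to email_input_path, alert: 'We could not find this user record in our database. Please start the process over.'
    return
  end

  submitted = params[:user] || {}
  password = submitted[:password]
  if password.blank? || password != submitted[:password_confirmation]
    # :back needs a Referer header; fall back to the root page without one.
    destination = request.env["HTTP_REFERER"].present? ? :back : root_path
    redirect_to destination, alert: 'Your password cannot be blank and the password should be identical to the password confirmation. Please try again.'
    return
  end

  sent_at = @user.password_creation_token_sent_at
  # A missing timestamp counts as expired instead of raising on nil.
  unless sent_at && sent_at >= Time.zone.now - 1.hour
    redirect_to email_input_path, alert: 'Sorry, your password_creation_token has expired. To protect your privacy and ensure your security, we need to ask you to start the process over again. The token, when created, expires after 1 hour!'
    return
  end

  if @user.update(user_params)
    login_the_user
    flash[:notice] = "Your new password was created and you have been logged in."
    redirect_to session[:target_page] || root_path
    destroy_target_page
  else
    # flash.now because the form is rendered in this same request.
    flash.now[:alert] = "Some problems occurred while trying to create your password"
    # Render the template by name; calling the create_your_password action
    # method here would run its token lookup and redirect instead.
    render :create_your_password
  end
end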
#password_reset ⇒ Object
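# File 'app/controllers/reception_controller.rb', line 166
# Replaces the password of the user named by params[:id], then logs the user
# in.
#
# Checks, in order: the user exists; the password is present and equals its
# confirmation; password_reset_sent_at is less than an hour old.
#
# NOTE(review): the password-reset token itself is never compared here. The
# account is selected by params[:id] and the only gate is the timestamp, so
# the request does not prove possession of the emailed link. Look the user up
# by the token (as #change_your_password does) and invalidate the token after
# a successful update.
def password_reset
  # find_by returns nil for an unknown id, which makes the "not found" branch
  # reachable; User.find raises instead of returning nil.
  @user = User.find_by(id: params[:id])
  if @user.nil?
    redirect_to email_input_path, alert: 'We could not find this user record in our database. Please start the process over.'
    return
  end

  submitted = params[:user] || {}
  password = submitted[:password]
  if password.blank? || password != submitted[:password_confirmation]
    # Same fallback as #password_creation: :back needs a Referer header.
    destination = request.env["HTTP_REFERER"].present? ? :back : root_path
    redirect_to destination, alert: 'Your password cannot be blank and the password should be identical to the password confirmation. Please try again.'
    return
  end

  sent_at = @user.password_reset_sent_at
  # A missing timestamp counts as expired instead of raising on nil.
  unless sent_at && sent_at >= Time.zone.now - 1.hour
    redirect_to email_input_path, alert: 'Sorry, your password_reset_token has expired. To protect your privacy and ensure your security, we need to ask you to start the process over again. The token, when created, expires after 1 hour!'
    return
  end

  if @user.update(user_params)
    login_the_user
    flash[:notice] = "Your password was changed and you have been logged in."
    redirect_to session[:target_page] || root_path
    destroy_target_page
  else
    # flash.now because the form is rendered in this same request.
    flash.now[:alert] = "Some problems occurred while trying to change your password. Please try again."
    # Render the template by name; calling the change_your_password action
    # method here would run its token lookup and redirect instead.
    render :change_your_password
  end
end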
#request_new_password ⇒ Object
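# File 'app/controllers/reception_controller.rb', line 149
# Starts a password reset for the address in params[:user][:email]: sends the
# new-password email when a user with that address exists, otherwise redirects
# back to the "forgot my password" screen with an alert.
#
# NOTE(review): the two outcomes are distinguishable, so this endpoint tells
# the requester whether an address is registered; showing the same
# confirmation in both cases avoids that. The alert also echoes the submitted
# value, which relies on the view escaping flash text -- confirm. No throttling
# of reset emails is visible in this action.
def request_new_password
  # A missing :user hash or a blank address never reaches the query, where
  # find_by(email: nil) could match a record whose email is NULL.
  email = params[:user] && params[:user][:email]
  @user = email.present? ? User.find_by(email: email) : nil

  if @user
    send_new_password_request_email
    # show confirmation screen
  else
    redirect_to i_forgot_my_password_path, alert: "We could not find a user with this email address: #{email}. Please try again."
  end
end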