de-webpackify user verification workflow

2018-03-01 09:06:04 -06:00 · 2018-03-01 09:06:04 -06:00 · f1dfc4c2c5
parent e925e2955c
commit f1dfc4c2c5
4 changed files with 23 additions and 6 deletions
--- a/app/controllers/dashboard_controller.rb
+++ b/app/controllers/dashboard_controller.rb
@ -28,7 +28,14 @@ class DashboardController < ApplicationController
  end

  def verify
-    raise "TODO WIP"
+    # user = User.find_by!(confirmation_token: params.fetch(:token)) or raise "X"
+    user = User.first
+    user.update_attributes!(confirmation_token: SecureRandom.uuid,
+                            confirmed_at:       Time.now)
+    @token = SessionToken.as_json(user,
+                                  AbstractJwtToken::HUMAN_AUD,
+                                  Gem::Version.new("99.99.99")).to_json
+    render :confirmation_page, layout: false
  end

  # Endpoint reports CSP violations, indicating a possible security problem.
--- a/app/mailers/user_mailer.rb
+++ b/app/mailers/user_mailer.rb
@ -1,5 +1,5 @@
 class UserMailer < ApplicationMailer
-  RESET_PATH         = "http:%s/verify?token=%s"
+  RESET_PATH         = "http:%s/verify/%s"
  NOTHING_TO_CONFIRM = "FAILED EMAIL CHANGE"
  # Make sure the user gave us a valid email.
  def welcome_email(user)
--- a/app/views/dashboard/confirmation_page.html.erb
+++ b/app/views/dashboard/confirmation_page.html.erb
@ -0,0 +1,9 @@
+<html>
+  <body>
+   You are being <%= link_to "redirected", app_landing_page_path %>.
+   <script>
+     localStorage.session = JSON.stringify(<%= raw @token %>)
+     window.location.replace("<%= app_landing_page_path %>");
+   </script>
+  </body>
+</html>
--- a/config/routes.rb
+++ b/config/routes.rb
@ -57,10 +57,11 @@ FarmBot::Application.routes.draw do
  # =======================================================================
  # NON-API (USER FACING) URLS:
  # =======================================================================
-  get  "/"            => "dashboard#front_page",   as: :front_page
-  get  "/app"         => "dashboard#main_app",     as: :dashboard
-  get  "/tos_update"  => "dashboard#tos_update",   as: :tos_update
-  post "/csp_reports" => "dashboard#csp_reports",  as: :csp_report
+  get  "/"             => "dashboard#front_page",   as: :front_page
+  get  "/app"          => "dashboard#main_app",     as: :dashboard
+  get  "/app/controls" => "dashboard#main_app",     as: :app_landing_page
+  get  "/tos_update"   => "dashboard#tos_update",   as: :tos_update
+  post "/csp_reports"  => "dashboard#csp_reports",  as: :csp_report

  get "/password_reset/:token" => "dashboard#password_reset", as: :password_reset
  get "/verify/:token"         => "dashboard#verify",         as: :verify_user