From 127414a36379c93182e3c75cf54ad49a7f060b6e Mon Sep 17 00:00:00 2001
From: Guillermo Kuster
Date: Wed, 17 Apr 2019 15:48:23 -0300
Subject: [PATCH] Sign in user after confimation success
---
 .../confirmations_controller.rb | 46 +++++++++----------
 .../confirmations_controller_test.rb | 24 ----------
 2 files changed, 21 insertions(+), 49 deletions(-)
diff --git a/app/controllers/devise_token_auth/confirmations_controller.rb b/app/controllers/devise_token_auth/confirmations_controller.rb
index 110430edb..f25bbf877 100644
--- a/app/controllers/devise_token_auth/confirmations_controller.rb
+++ b/app/controllers/devise_token_auth/confirmations_controller.rb
@@ -2,6 +2,20 @@
 module DeviseTokenAuth
 class ConfirmationsController < DeviseTokenAuth::ApplicationController
+ def create
+ return head :bad_request if params[:email].blank?
+
+ @resource = resource_class.dta_find_by(uid: params[:email].downcase, provider: provider)
+
+ return head :not_found unless @resource
+
+ @resource.send_confirmation_instructions({
+ redirect_url: redirect_url,
+ client_config: params[:config_name]
+ })
+
+ head :ok
+ end
 def show
 @resource = resource_class.confirm_by_token(params[:confirmation_token])
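Review bot: `create` answers `head :not_found` for an unknown address and `head :ok` for a known one, so this endpoint, which shows no authentication check in the hunk, tells a caller which e-mail addresses are registered; returning the same status in both cases would avoid that. `params[:email].downcase` also assumes a string, so a non-string `email` parameter that passes `blank?` would raise instead of returning `:bad_request`. The method appears to be moved unchanged from further down the file (the next hunk removes it there), so both points predate this commit, but the move is a convenient place to fix them.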
@@ -11,39 +25,21 @@ def show
 redirect_header_options = { account_confirmation_success: true }
- if signed_in?(resource_name)
- client_id, token = signed_in_resource.create_token
+ client_id, token = @resource.create_token
- redirect_headers = build_redirect_headers(token,
- client_id,
- redirect_header_options)
+ sign_in(:user, @resource, store: false, bypass: false)
+ @resource.save!
- redirect_to_link = signed_in_resource.build_auth_url(redirect_url, redirect_headers)
- else
- redirect_to_link = DeviseTokenAuth::Url.generate(redirect_url, redirect_header_options)
- end
+ redirect_headers = build_redirect_headers(token,
+ client_id,
+ redirect_header_options)
- redirect_to(redirect_to_link)
+ redirect_to(@resource.build_auth_url(redirect_url, redirect_headers))
 else
 raise ActionController::RoutingError, 'Not Found'
 end
 end
- def create
- return head :bad_request if params[:email].blank?
-
- @resource = resource_class.dta_find_by(uid: params[:email].downcase, provider: provider)
-
- return head :not_found unless @resource
-
- @resource.send_confirmation_instructions({
- redirect_url: redirect_url,
- client_config: params[:config_name]
- })
-
- head :ok
- end
-
 private
 # give redirect value from params priority or fall back to default value if provided
diff --git a/test/controllers/devise_token_auth/confirmations_controller_test.rb b/test/controllers/devise_token_auth/confirmations_controller_test.rb
index ee3908ac7..7cb8a3a84 100644
--- a/test/controllers/devise_token_auth/confirmations_controller_test.rb
+++ b/test/controllers/devise_token_auth/confirmations_controller_test.rb
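Review bot: In `show` (confirmations_controller.rb; the method starts above this hunk) every successful confirmation now calls `@resource.create_token` and puts the credentials into the redirect, where the removed code did that only when `signed_in?(resource_name)` was already true, so possession of the e-mailed confirmation link becomes equivalent to a login. The comment at the end of the hunk says `redirect_url` prefers the value from params, so the token can be sent to a request-supplied destination; check `redirect_url` against an allow-list before `build_auth_url`. `sign_in(:user, ...)` hard-codes the scope; `sign_in(resource_name, @resource, store: false, bypass: false)` would match the `resource_name` the removed line used. `@resource.save!` raises on a validation failure, which would presumably surface as a 500 after the account has already been confirmed. The test file drops the 'when unauthenticated' cases without adding one that pins the new behaviour.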
@@ -63,30 +63,6 @@ def token_and_client_config_from(body)
 end
 end
- describe 'when unauthenticated' do
- before do
- sign_out(@new_user)
- get :show,
- params: { confirmation_token: @token,
- redirect_url: @redirect_url },
- xhr: true
- @resource = assigns(:resource)
- end
-
- test 'user should now be confirmed' do
- assert @resource.confirmed?
- end
-
- test 'should redirect to success url' do
- assert_redirected_to(/^#{@redirect_url}/)
- end
-
- test 'redirect url does not include token params' do
- refute @token_params.any? { |param| response.body.include?(param) }
- assert response.body.include?('account_confirmation_success')
- end
- end
-
 describe 'resend confirmation' do
 before do
 post :create,