forked from thoughtbot/clearance
confirmations_controller.rb
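# Handles email confirmation: a request carrying params[:user_id] and
# params[:token] confirms the matching user's email and signs that user in.
#
# The token acts as a bearer credential for this flow, since a successful
# lookup leads directly to sign_in.
class Clearance::ConfirmationsController < ApplicationController
  unloadable

  # Filters run in declaration order for both actions.
  #
  # NOTE(review): forbid_confirmed_user runs before the token checks, so a
  # request with only a user_id is answered according to that user's
  # confirmation status. Whether that is observable depends on how
  # ActionController::Forbidden and its message are rendered (not visible
  # here); confirm the three messages are not distinguishable to the client.
  before_filter :redirect_signed_in_confirmed_user, :only => [:new, :create]
  before_filter :forbid_confirmed_user,             :only => [:new, :create]
  before_filter :forbid_missing_token,              :only => [:new, :create]
  before_filter :forbid_non_existent_user,          :only => [:new, :create]

  # Keep the confirmation token out of this application's request log.
  # NOTE(review): if `new` is routed as GET, the token also travels in the URL,
  # which this setting does not cover (proxy logs, browser history) - confirm
  # against the routes.
  filter_parameter_logging :token

  # Performs the confirmation directly by delegating to #create.
  def new
    create
  end

  # Looks the user up by id and token together, confirms the email, signs the
  # user in, sets the success flash and redirects to url_after_create.
  #
  # Raises ActionController::Forbidden when no user matches.
  def create
    @user = ::User.find_by_id_and_token(params[:user_id], params[:token])

    # Fail closed inside the action itself: the sign-in below must not depend
    # solely on forbid_non_existent_user having run (a skipped filter or a
    # record changed between the filter's query and this one would otherwise
    # surface as a NoMethodError on nil).
    raise ActionController::Forbidden, "non-existent user" unless @user

    @user.confirm_email!
    sign_in(@user)
    flash_success_after_create
    redirect_to(url_after_create)
  end

  private

  # Sends an already-confirmed user who is the current signed-in user straight
  # to url_after_create with the success flash, instead of a Forbidden error.
  def redirect_signed_in_confirmed_user
    user = ::User.find_by_id(params[:user_id])
    if user && user.email_confirmed? && current_user == user
      flash_success_after_create
      redirect_to(url_after_create)
    end
  end

  # Rejects the request when the user identified by params[:user_id] exists
  # and has already confirmed their email.
  def forbid_confirmed_user
    user = ::User.find_by_id(params[:user_id])
    if user && user.email_confirmed?
      raise ActionController::Forbidden, "confirmed user"
    end
  end

  # Rejects the request unless params[:token] is a non-blank String.
  #
  # blank? alone accepts a non-empty Array or Hash built from nested query
  # parameters; requiring a String ensures only a single scalar value is ever
  # handed to the token finder.
  def forbid_missing_token
    token = params[:token]
    unless token.is_a?(String) && !token.blank?
      raise ActionController::Forbidden, "missing token"
    end
  end

  # Rejects the request when no user matches both params[:user_id] and
  # params[:token].
  def forbid_non_existent_user
    unless ::User.find_by_id_and_token(params[:user_id], params[:token])
      raise ActionController::Forbidden, "non-existent user"
    end
  end

  # Sets flash[:success] to the translated confirmation message, falling back
  # to the English default below.
  def flash_success_after_create
    flash[:success] = translate(:confirmed_email,
      :scope   => [:clearance, :controllers, :confirmations],
      :default => "Confirmed email and signed in.")
  end

  # Redirect target after a successful confirmation.
  def url_after_create
    root_url
  end

  # Not referenced within this class; presumably kept as an override hook for
  # applications - verify before removing.
  def url_already_confirmed
    sign_up_url
  end
end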