RubyGems - decidim-friendly_signup - Versions diffs - 0.1 → 0.4 - Mend

decidim-friendly_signup 0.1 → 0.4

Files changed (31) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8f2ae2b38da8d5bfc15a20685f71f03c57874127d6017924d475a142f60d02cf
-  data.tar.gz: 929035be31dd91ac0e725b849f83385164966b2be0f47ed103a8d3b5c3cbc149
+  metadata.gz: df7a2d3137cd72541b5d7e63878f022eebb44e0b115044425e727c4f0fe68d59
+  data.tar.gz: dd63fddf8a154b335369dcf87cae2aaff1c9b28c9bd58ad1910a97088283b75f
 SHA512:
-  metadata.gz: ed74b6aaba9d5bf1bd4187f9199e1caba5c7ee2684be73eb271274734bced92119ead384a77a9434d6de9b65126e84b6799789e8d9286b0e25b4f573721ff4b3
-  data.tar.gz: 28a1e3a53faf886766638d2765533fd3d395401c291f60d7b25066386682be00fcd581585e925c007dd0ad404d0db94794b73c188d24fe00e79e3934767c28d7
+  metadata.gz: a03470e2cb20fec61fe7106cd59d96293d9c9e490cd132570aa514a841c43587cbcf675ba25bfd272c5dec497db6c3f6a1922c170effb21f1ddeadeec252f331
+  data.tar.gz: 36919447d408e1a91f22b8d650b12db69ac00c08282fd5b07862bc074a344e9d99075d53fe53436af12ba80dc209b25e9085d3ca2bc0a219a1f47061d91566be

data/README.md CHANGED Viewed

@@ -1,22 +1,26 @@
 # Decidim::FriendlySignup
+[![[CI] Lint](https://github.com/OpenSourcePolitics/decidim-module-friendly_signup/actions/workflows/lint.yml/badge.svg)](https://github.com/OpenSourcePolitics/decidim-module-friendly_signup/actions/workflows/lint.yml)
 [![[CI] Test](https://github.com/OpenSourcePolitics/decidim-module-friendly_signup/actions/workflows/test.yml/badge.svg)](https://github.com/OpenSourcePolitics/decidim-module-friendly_signup/actions/workflows/test.yml)
 [![Maintainability](https://api.codeclimate.com/v1/badges/46c261f70f7f49a8f385/maintainability)](https://codeclimate.com/github/OpenSourcePolitics/decidim-module-friendly_signup/maintainability)
 [![Test Coverage](https://codecov.io/gh/OpenSourcePolitics/decidim-module-friendly_signup/branch/main/graph/badge.svg?token=1lrOiLdy9P)](https://codecov.io/gh/OpenSourcePolitics/decidim-module-friendly_signup)
+[![Gem Version](https://badge.fury.io/rb/decidim-friendly_signup.svg)](https://badge.fury.io/rb/decidim-friendly_signup)
 ---
-A more user friendly approach for the user registration process.
+A more user friendly approach for the user registration process in [Decidim](https://github.com/decidim/decidim).
 ## Usage
 This module simply substitutes some pages to ease up the registration process in Decidim.
-Features:
+### Features:
 - [x] Simplify the password field and add a button with a "show password". ![Show/hide password](examples/passwords.png)
-- [ ] Remove the nickname field from the registration process and automatically create one on registering
-- [ ] Instant validate parameters when registering without having to send it for backend validation
-- [ ] Use checkout codes to validate the email instead of a link
+- [x] Remove the nickname field from the registration process and automatically create one on registering. ![Hide nickname](examples/nickname.png)
+- [x] Instant validate parameters when registering without having to send it for backend validation. ![Instant validation](examples/instant_validation.png)
+- [x] Use numeric, confirmation codes to validate the email instead of a link. ![Confirmation codes](examples/confirmation_codes.png)
 ## Installation
@@ -38,9 +42,35 @@ And then execute:
 bundle
 ```
+For security reasons, it is also recomended to set a expiration time on confirmation tokens, to do that, make sure your Devise initializer has the variable `confirm_within` to certain amount of time.
+For instance, you can do that by creating an initializer such as:
+```ruby
+# config/initializers/devise.rb
+Devise.setup do |config|
+  config.confirm_within = 12.hours
+end
+```
+**Note:**
+The correct version of FriendlySignup should resolved automatically by the Bundler.
+However you can force some specific version using `gem "decidim-friendly_signup", "~> 0.1.0"` in the Gemfile.
+Depending on your Decidim version, choose the corresponding FriendlySignup version to ensure compatibility:
+| FriendlySignup version | Compatible Decidim versions |
+|---|---|
+| 0.4.x | 0.26.x |
+| 0.3.x | 0.26.x |
+| 0.2.x | 0.26.x |
+| 0.1.x | 0.26.x |
 ## Configuration
-Customize your integration by creating an initializer (ie: `config/initializes/friendly_signup.rb`) and set some of the variables:
+Customize your integration by creating an initializer (ie: `config/initializes/friendly_signup.rb`) and set some of the variables (you don't need to do this if you want all features enabled):
 ```ruby
 # config/initializers/friendly_signup.rb
@@ -48,14 +78,29 @@ Customize your integration by creating an initializer (ie: `config/initializes/f
 Decidim::FriendlySignup.configure do |config|
   # Override password views or leave the originals (default is true):
   config.override_passwords = false
-end
+  # Automatically validate user inputs in the register form (default is true):
+  config.use_instant_validation = false
+  # Hide nickname field and create one automatically from user's name or email (default is true)
+  config.hide_nickname = false
+  # Send the users a 4-digit number that needs to be entered in a confirmation page instead of a confirmation link (default is true)
+  config.use_confirmation_codes = false
+end
 ```
 ## Contributing
 Bug reports and pull requests are welcome on GitHub at https://github.com/OpenSourcePolitics/decidim-module-friendly_signup.
+### Localization
+If you would like to see this module in your own language, you can help with its
+translation at Crowdin:
+https://crowdin.com/project/decidim-friendly-signup
 ### Developing
 To start contributing to this project, first:
@@ -133,23 +178,13 @@ commands shown above.
 ### Test code coverage
-If you want to generate the code coverage report for the tests, you can use
-the `SIMPLECOV=1` environment variable in the rspec command as follows:
+Test coverage should be generated automatically in the folder "coverage" once any test is run:
 ```bash
-$ SIMPLECOV=1 bundle exec rspec
+$ bundle exec rspec
+$ firefox coverage/index.html
 ```
-This will generate a folder named `coverage` in the project root which contains
-the code coverage report.
-### Localization
-If you would like to see this module in your own language, you can help with its
-translation at Crowdin:
-https://crowdin.com/project/decidim-friendly-signup
 ## License
 See [LICENSE-AGPLv3.txt](LICENSE-AGPLv3.txt).

data/app/controllers/concerns/decidim/friendly_signup/needs_header_snippets.rb CHANGED Viewed

@@ -23,11 +23,8 @@ module Decidim
         @snippets
       end
-      def friendly_override_activated?(type)
-        case type
-        when :override_passwords
-          Decidim::FriendlySignup.override_passwords.present?
-        end
+      def friendly_override_activated?(feat)
+        Decidim::FriendlySignup.send(feat.to_s).present?
       end
     end
   end

data/app/controllers/concerns/decidim/friendly_signup/registrations_redirect.rb ADDED Viewed

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+require "active_support/concern"
+module Decidim
+  module FriendlySignup
+    module RegistrationsRedirect
+      extend ActiveSupport::Concern
+      included do
+        def after_sign_up_path_for(user)
+          codes_confirmation_path(user) || super(user)
+        end
+        def after_inactive_sign_up_path_for(user)
+          codes_confirmation_path(user) || super(user)
+        end
+        def after_resending_confirmation_instructions_path_for(resource_name)
+          user = Decidim::User.find_by email: params.dig(:user, :email)
+          codes_confirmation_path(user) || super(resource_name)
+        end
+      end
+      private
+      def codes_confirmation_path(user)
+        return if Decidim::FriendlySignup.use_confirmation_codes.blank?
+        return if user.blank?
+        return unless user.inactive_message.to_s == "unconfirmed"
+        set_flash_message! :notice, :signed_up_but_code_required
+        decidim_friendly_signup.confirmation_codes_path(confirmation_token: user.confirmation_token)
+      end
+    end
+  end
+end

data/app/controllers/decidim/friendly_signup/application_controller.rb ADDED Viewed

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+module Decidim
+  module FriendlySignup
+    class ApplicationController < Decidim::ApplicationController
+    end
+  end
+end

data/app/controllers/decidim/friendly_signup/confirmation_codes_controller.rb ADDED Viewed

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+module Decidim
+  module FriendlySignup
+    class ConfirmationCodesController < Decidim::Devise::ConfirmationsController
+      include Decidim::FormFactory
+      include NeedsHeaderSnippets
+      before_action :require_unconfirmed_user
+      helper_method :user, :confirmation_form
+      def index; end
+      def create
+        if confirmation_form.valid?
+          user.confirm
+          flash[:success] = I18n.t("confirmation_codes.create.user_confirmed", name: user.name, scope: "decidim.friendly_signup")
+          return sign_in_and_redirect user, event: :authentication
+        end
+        flash.now[:alert] = confirmation_form.errors.messages.values.flatten.join(" ")
+        render :index
+      end
+      private
+      def confirmation_form
+        @confirmation_form ||= form(ConfirmationCodeForm).from_params(params)
+      end
+      def user
+        @user ||= User.find_by(confirmation_token: params[:confirmation_token], organization: current_organization)
+      end
+      def require_unconfirmed_user
+        return redirect_to decidim.user_confirmation_path unless FriendlySignup.use_confirmation_codes
+        unless user.present? && !user.confirmed?
+          flash[:alert] = I18n.t("confirmation_code_form.invalid_token", scope: "decidim.friendly_signup")
+          return redirect_to decidim.new_user_session_path
+        end
+        if user.send(:confirmation_period_expired?)
+          flash[:alert] = I18n.t("confirmation_code_form.expired", scope: "decidim.friendly_signup")
+          redirect_to decidim.user_confirmation_path
+        end
+      end
+    end
+  end
+end

data/app/controllers/decidim/friendly_signup/validator_controller.rb ADDED Viewed

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+module Decidim
+  module FriendlySignup
+    class ValidatorController < ApplicationController
+      include Decidim::FormFactory
+      def validate
+        @form = form(Decidim::RegistrationForm).from_params(params)
+        validator = UserAttributeValidator.new(form: @form, attribute: params[:attribute])
+        render json: {
+          valid: validator.valid?,
+          error: validator.error
+        }
+      end
+    end
+  end
+end

data/app/forms/concerns/decidim/friendly_signup/auto_nickname.rb ADDED Viewed

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+require "active_support/concern"
+module Decidim
+  module FriendlySignup
+    module AutoNickname
+      extend ActiveSupport::Concern
+      included do
+        def nickname
+          return super unless FriendlySignup.hide_nickname
+          UserBaseEntity.nicknamize(name || email, organization: current_organization)
+        end
+        private
+        # nickname is removed from the view, so put any (that shouldn't ever happen) error on the base
+        def nickname_unique_in_organization
+          return false unless nickname
+          if valid_users.find_by("LOWER(nickname)= ? AND decidim_organization_id = ?", nickname.downcase, current_organization.id).present?
+            errors.add :base, :taken
+            errors.add :nickname, :taken
+          end
+        end
+        def valid_users
+          UserBaseEntity.where(invitation_token: nil)
+        end
+      end
+    end
+  end
+end

data/app/forms/decidim/friendly_signup/confirmation_code_form.rb ADDED Viewed

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+module Decidim
+  module FriendlySignup
+    class ConfirmationCodeForm < Decidim::Form
+      attribute :confirmation_token, String
+      attribute :code, Integer
+      attribute :confirmation_numbers, Array[Integer]
+      validates :confirmation_token, presence: true
+      validate :code_matches_confirmation_token
+      validate :user_exists
+      def user_code
+        code || confirmation_numbers.map(&:to_s).join("").to_i
+      end
+      private
+      def code_matches_confirmation_token
+        return if FriendlySignup.confirmation_code(confirmation_token) == user_code
+        errors.add(:code, I18n.t("confirmation_code_form.invalid", scope: "decidim.friendly_signup"))
+      end
+      def user_exists
+        return if User.exists?(confirmation_token: confirmation_token, organization: current_organization)
+        errors.add(:code, I18n.t("confirmation_code_form.invalid_token", scope: "decidim.friendly_signup"))
+      end
+    end
+  end
+end

data/app/mailers/decidim/friendly_signup/confirmation_codes_mailer.rb ADDED Viewed

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+module Decidim
+  module FriendlySignup
+    class ConfirmationCodesMailer < ApplicationMailer
+      include Decidim::LocalisedMailer
+      def confirmation_instructions(user, opts)
+        @user = user
+        @email = opts[:to] || user.email
+        @token = opts[:token]
+        @organization = user.organization
+        @code = FriendlySignup.confirmation_code(@token)
+        @expires_at = @user.confirmation_sent_at + @user.class.confirm_within if @user.class.confirm_within
+        with_user(user) do
+          mail(to: "#{user.name} <#{@email}>", subject: I18n.t("decidim.friendly_signup.confirmation_codes.mailer.subject", organization: @organization.name))
+        end
+      end
+    end
+  end
+end

data/app/models/concerns/decidim/friendly_signup/needs_registration_codes.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+require "active_support/concern"
+module Decidim
+  module FriendlySignup
+    module NeedsRegistrationCodes
+      extend ActiveSupport::Concern
+      included do
+        def send_confirmation_instructions
+          return super if Decidim::FriendlySignup.use_confirmation_codes.blank?
+          return super unless inactive_message.to_s == "unconfirmed"
+          generate_confirmation_token! unless @raw_confirmation_token
+          opts = pending_reconfirmation? ? { to: unconfirmed_email } : {}
+          opts[:token] = @raw_confirmation_token
+          ConfirmationCodesMailer.confirmation_instructions(self, opts).deliver_now
+        end
+      end
+    end
+  end
+end

data/app/packs/entrypoints/decidim_friendly_signup.js CHANGED Viewed

@@ -1,4 +1,6 @@
-import "src/decidim/friendly_signup/password_helper"
+import "src/decidim/friendly_signup/setup_password"
+import "src/decidim/friendly_signup/setup_validations"
+import "src/decidim/friendly_signup/setup_confirmations"
 // CSS
 import "entrypoints/decidim_friendly_signup.scss";

data/app/packs/entrypoints/decidim_friendly_signup.scss CHANGED Viewed

@@ -1,2 +1,3 @@
 /* css for decidim_friendly_signup */
 @import "stylesheets/decidim/friendly_signup/input-groups";
+@import "stylesheets/decidim/friendly_signup/confirmation-codes";

data/app/packs/src/decidim/friendly_signup/lib/instant_validator.js ADDED Viewed

@@ -0,0 +1,99 @@
+/* eslint-disable line-comment-position, no-ternary, no-inline-comments */
+// Instant, server-side validation
+// compatible with abide classes https://get.foundation/sites/docs/abide.html
+export default class InstantValidator {
+  // ms before xhr check
+  static get TIMEOUT() {
+    return 150;
+  }
+  constructor($form) {
+    this.$form = $form;
+    this.$inputs = $form.find("[data-instant-attribute]");
+    this.url = this.$form.data("validationUrl");
+  }
+  init() {
+    if (!this.url || !this.$form.length) {
+      return;
+    }
+    this.$form.foundation("disableValidation");
+    // this final validation prevents abide from resetting the field when user loses focus
+    this.$inputs.on("blur", (evt) => {
+      this.validate($(evt.currentTarget));
+    });
+    this.$inputs.on("keyup", (evt) => {
+      let $input = $(evt.currentTarget);
+      let checkTimeout = $input.data("checkTimeout");
+      // Trigger live validation with a delay to avoid throttling
+      if (checkTimeout) {
+        clearTimeout(checkTimeout);
+      }
+      $input.data("checkTimeout", setTimeout(() => {
+        this.validate($input);
+      }, this.TIMEOUT)
+      );
+    });
+  }
+  value($input) {
+    return $input.val().trim();
+  }
+  attribute($input) {
+    return $input.data("instantAttribute");
+  }
+  target($input) {
+    const $target = this.$form.find($input.data("instantTarget"));
+    return $target.length
+      ? $target
+      : $input;
+  }
+  validate($input) {
+    this.tamper($input);
+    this.post($input).done((response) => {
+      this.setFeedback(response, $input);
+    });
+  }
+  setFeedback(data, $input) {
+    if (data.valid) {
+      this.clearErrors($input);
+    } else {
+      this.addErrors(this.target($input), data.error);
+    }
+  }
+  tamper($dest) {
+    $dest.data("tampered", $dest.val().trim() !== "");
+  }
+  isTampered($dest) {
+    return $dest.data("tampered");
+  }
+  addErrors($dest, msg) {
+    if ($dest.closest("label").find(".form-error").length > 1) {
+      // Decidim may add and additional error class that does not play well with abide
+      $dest.closest("label").find(".form-error:last").remove();
+    }
+    this.$form.foundation("addErrorClasses", $dest);
+    if (msg) {
+      $dest.closest("label").find(".form-error").text(msg);
+    }
+  }
+  clearErrors($dest) {
+    this.$form.foundation("removeErrorClasses", $dest);
+  }
+  post($input) {
+    return $.ajax(this.url, {
+      method: "POST",
+      data: `${this.$form.serialize()}&attribute=${this.attribute($input)}`
+    });
+  }
+}

data/app/packs/src/decidim/friendly_signup/{password_toggler.js → lib/password_toggler.js} RENAMED Viewed

File without changes

data/app/packs/src/decidim/friendly_signup/setup_confirmations.js ADDED Viewed

@@ -0,0 +1,57 @@
+$(() => {
+  const $inputs = $('.confirmation-code-inputs input[type="number"]');
+  const $form = $inputs.closest("form");
+  const intRegex = /^\d+$/;
+  let disableManual = false;
+  // Parses the individual digits into the individual boxes.
+  const pasteValues = (element, $first) => {
+    const values = element.split("");
+    let $inputBox = $first;
+    $(values).each((index) => {
+      $inputBox.val(values[index]);
+      $inputBox = $inputBox.next('input[type="number"]');
+      if ($inputBox.length === 0) {
+        $form.submit();
+      }
+    });
+  };
+  $inputs.on("focus", (e) => {
+    $(e.target).select();
+  });
+  // Prevents user from manually entering non-digits.
+  $inputs.on("input.fromManual", (e) => {
+    if (disableManual) {
+      return;
+    }
+    const $this = $(e.target);
+    if (intRegex.test($this.val())) {
+      pasteValues($this.val(), $this);
+      $this.next('input[type="number"]').focus();
+    } else {
+      $this.val("");
+    }
+  });
+  $inputs.on("paste", (evt) => {
+    const $this = $(evt.target);
+    const originalValue = $this.val();
+    $this.val("");
+    disableManual = true;
+    $this.one("input.fromPaste", (e) => {
+      const $currentInputBox = $(e.target);
+      const pastedValue = $currentInputBox.val();
+      if (intRegex.test(pastedValue)) {
+        pasteValues(pastedValue, $inputs.eq(0));
+      }
+      else {
+        $this.val(originalValue);
+      }
+      disableManual = false;
+    });
+  });
+});

data/app/packs/src/decidim/friendly_signup/{password_helper.js → setup_password.js} RENAMED Viewed

@@ -1,4 +1,4 @@
-import PasswordToggler from "src/decidim/friendly_signup/password_toggler";
+import PasswordToggler from "src/decidim/friendly_signup/lib/password_toggler";
 $(() => {
   window.Decidim = window.Decidim || {};

data/app/packs/src/decidim/friendly_signup/setup_validations.js ADDED Viewed

@@ -0,0 +1,7 @@
+import InstantValidator from "src/decidim/friendly_signup/lib/instant_validator";
+$(() => {
+  window.Decidim = window.Decidim || {};
+  window.Decidim.instantValidator = new InstantValidator($("form.instant-validation"));
+  window.Decidim.instantValidator.init();
+});

data/app/packs/stylesheets/decidim/friendly_signup/_confirmation-codes.scss ADDED Viewed

@@ -0,0 +1,23 @@
+.confirmation-code-inputs {
+  display: flex;
+  justify-content: center;
+  margin: 2rem;
+  input[type="number"] {
+    width: 15%;
+    font-size: 5em;
+    height: 1.2em;
+    line-height: 1;
+    padding: 0;
+    margin: 0 2%;
+    text-align: center;
+    box-shadow: 1px 3px 3px #bbb;
+    -moz-appearance: textfield;
+    &::-webkit-inner-spin-button,
+    &::-webkit-outer-spin-button {
+      -webkit-appearance: none;
+      margin: 0;
+    }
+  }
+}

data/app/views/decidim/devise/registrations/new.html.erb CHANGED Viewed

@@ -26,7 +26,7 @@
   <div class="row">
     <div class="columns large-6 medium-10 medium-centered">
-      <%= decidim_form_for(@form, namespace: "registration", as: resource_name, url: registration_path(resource_name), html: { class: "register-form new_user", id: "register-form" }) do |f| %>
+      <%= decidim_form_for(@form, namespace: "registration", as: resource_name, url: registration_path(resource_name), html: { class: "register-form new_user#{friendly_override_activated?(:use_instant_validation) && ' instant-validation'}", id: "register-form" }, data: { "validation-url": decidim_friendly_signup.validate_path }) do |f| %>
         <%= invisible_captcha %>
         <div class="card">
           <div class="card__content">
@@ -34,21 +34,23 @@
             <div class="user-person">
               <div class="field">
-                <%= f.text_field :name, help_text: t(".username_help") %>
+                <%= f.text_field :name, help_text: t(".username_help"), autocomplete: "off", data: { "instant-attribute": "nickname" } %>
               </div>
             </div>
-            <div class="user-nickname">
-              <div class="field">
-                <%= f.text_field :nickname, help_text: t(".nickname_help", organization: current_organization.name), prefix: { value: "@", small: 1, large: 1 } %>
+            <% unless friendly_override_activated?(:hide_nickname) %>
+              <div class="user-nickname">
+                <div class="field">
+                  <%= f.text_field :nickname, help_text: t(".nickname_help", organization: current_organization.name), prefix: { value: "@", small: 1, large: 1 }, autocomplete: "off", data: { "instant-attribute": "nickname" } %>
+                </div>
               </div>
-            </div>
+            <% end %>
             <div class="field">
-              <%= f.email_field :email %>
+              <%= f.email_field :email, autocomplete: "email", data: { "instant-attribute": "email" } %>
             </div>
-            <%= render("decidim/friendly_signup/shared/password_fields", form: f, options: { help_text: t(".password_help", minimun_characters: ::PasswordValidator::MINIMUM_LENGTH), autocomplete: "off" }) %>
+            <%= render("decidim/friendly_signup/shared/password_fields", form: f, options: { required: true, help_text: t(".password_help", minimun_characters: ::PasswordValidator::MINIMUM_LENGTH), autocomplete: "off", data: { "instant-attribute": "password" } }) %>
           </div>
         </div>

data/app/views/decidim/friendly_signup/confirmation_codes/index.html.erb ADDED Viewed

@@ -0,0 +1,38 @@
+<% add_decidim_page_title(t(".enter_code")) %>
+<div class="wrapper">
+<div class="row collapse">
+  <div class="row collapse">
+    <div class="columns large-8 large-centered text-center page-title">
+      <h1><%= t(".title") %></h1>
+      <h6><%= t(".subtitle") %></h6>
+    </div>
+  </div>
+  <div class="row">
+    <div class="columns medium-10 large-8 medium-centered">
+      <div class="card">
+        <div class="card__content">
+          <p class="text-center"><%= t(".description", email: "<strong>#{user.email}</strong>").html_safe %></p>
+          <%= decidim_form_for(confirmation_form, url: decidim_friendly_signup.confirmation_codes_path(confirmation_token: confirmation_form.confirmation_token)) do |f| %>
+            <div class="field confirmation-code-inputs">
+              <%= number_field_tag "confirmation_numbers[0]", "", autofocus: true, autocomplete: :off %>
+              <%= number_field_tag "confirmation_numbers[1]", "", autocomplete: :off %>
+              <%= number_field_tag "confirmation_numbers[2]", "", autocomplete: :off %>
+              <%= number_field_tag "confirmation_numbers[3]", "", autocomplete: :off %>
+            </div>
+            <div class="actions text-center">
+              <%= f.submit t(".verify"), class: "button text-uppercase" %>
+            </div>
+          <% end %>
+          <p class="text-center">
+            <%= link_to t(".code_not_received"), decidim.user_confirmation_path(confirmation_token: confirmation_form.confirmation_token, "user[email]": user.email), method: :post, data: { confirm: t(".confirm_send_code", email: user.email) } %>
+          </p>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
+</div>

data/app/views/decidim/friendly_signup/confirmation_codes_mailer/confirmation_instructions.html.erb ADDED Viewed

@@ -0,0 +1,13 @@
+<h1 class="text-center"><%= t(".title") %></h1>
+<p class="email-instructions text-center"><%= t(".subtitle", organization: link_to(@organization.name, decidim_friendly_signup.confirmation_codes_path(confirmation_token: @token))).html_safe %></p>
+<h3 class="email-instruction text-center" style="margin:1em 0 0.2em 0;"><%= t(".copy") %></h3>
+<% if @expires_at %>
+  <p class="email-small text-center"><%= t(".expires_in", time: distance_of_time_in_words(Time.now, @expires_at, scope: "decidim.friendly_signup.datetime.distance_in_words")) %></p>
+<% end %>
+<p class="stat text-center" style="margin:1em 0;"><b style="font-size: 2em"><%= @code %></b></p>
+<p class="email-small email-closing text-center"><%= t(".ignore").html_safe %></p>

data/app/views/decidim/friendly_signup/shared/_password_fields.html.erb CHANGED Viewed

@@ -11,7 +11,7 @@
   <div class="user-password-confirmation">
     <div class="field">
-      <%= form.password_field :password_confirmation, options.except(:help_text, :autocomplete) %>
+      <%= form.password_field :password_confirmation %>
     </div>
   </div>
 <% else %>

data/config/locales/en.yml CHANGED Viewed

@@ -1,10 +1,89 @@
 ---
 en:
+  activemodel:
+    attributes:
+      confirmation_code:
+        code: Confirmation code
   decidim:
     friendly_signup:
+      confirmation_code_form:
+        expired: Sorry, this code has expired, please generate a new one.
+        invalid: Code is invalid, please make sure to copy the code emailed to you.
+        invalid_token: Invalid token.
+      confirmation_codes:
+        create:
+          user_confirmed: Welcome %{name}! Your account has been succesfully confirmed!
+        index:
+          code_not_received: Didn't receive the code?
+          confirm_send_code: Do you want to resend the confirmation code to %{email}?<br>Be
+            sure to check the spam folder just in case!
+          description: You should receive a 4 digit code at %{email}.<br>If you can't
+            find it, please check your spam folder or wait  up to 10 minutes.
+          enter_code: Enter code
+          subtitle: You need to confirm your email address to be able to submit proposals,
+            comment and vote.
+          title: One last step...
+          verify: Verify
+        mailer:
+          subject: Confirm your account at %{organization}
+        resend_code:
+          sent: The confirmation code has been sent to %{email}.
+      confirmation_codes_mailer:
+        confirmation_instructions:
+          copy: 'Copy this code:'
+          expires_in: It will expire in %{time}.
+          ignore: |-
+            If you didn't request this comunication, please ignore this email.<br />
+            Your account won't be active until your account is fully confirmed.
+          subtitle: To finalize the registration you just need to copy the 4 digit
+            code below, go back to the %{organization} signup page and paste it!
+          title: You're almost there!
+      datetime:
+        distance_in_words:
+          about_x_hours:
+            one: about 1 hour
+            other: about %{count} hours
+          about_x_months:
+            one: about 1 month
+            other: about %{count} months
+          about_x_years:
+            one: about 1 year
+            other: about %{count} years
+          almost_x_years:
+            one: almost 1 year
+            other: almost %{count} years
+          half_a_minute: half a minute
+          less_than_x_minutes:
+            one: less than a minute
+            other: less than %{count} minutes
+          less_than_x_seconds:
+            one: less than 1 second
+            other: less than %{count} seconds
+          over_x_years:
+            one: over 1 year
+            other: over %{count} years
+          x_days:
+            one: 1 day
+            other: "%{count} days"
+          x_minutes:
+            one: 1 minute
+            other: "%{count} minutes"
+          x_months:
+            one: 1 month
+            other: "%{count} months"
+          x_seconds:
+            one: 1 second
+            other: "%{count} seconds"
       shared:
         password_fields:
           hidden_password: Your password is hidden
           hide_password: Hide password
           show_password: Show password
           shown_password: Your password is shown
+  devise:
+    confirmations:
+      signed_up_but_code_required: A message with a code has been sent to your email
+        address. Please copy and paste the received code in this page.
+    registrations:
+      signed_up_but_code_required: A message with a code has been sent to your email
+        address. Please copy and paste the received code in this page.

data/lib/decidim/friendly_signup/engine.rb CHANGED Viewed

@@ -2,6 +2,7 @@
 require "rails"
 require "decidim/core"
+require "rack/attack"
 module Decidim
   module FriendlySignup
@@ -9,17 +10,36 @@ module Decidim
     class Engine < ::Rails::Engine
       isolate_namespace Decidim::FriendlySignup
+      routes do
+        devise_scope :user do
+          resources :confirmation_codes, only: [:index, :create]
+        end
+        post :validate, to: "validator#validate"
+      end
       # Prepare a zone to create overrides
       # https://edgeguides.rubyonrails.org/engines.html#overriding-models-and-controllers
       # overrides
       config.after_initialize do
         Decidim::Devise::RegistrationsController.include(Decidim::FriendlySignup::NeedsHeaderSnippets)
+        Decidim::Devise::RegistrationsController.include(Decidim::FriendlySignup::RegistrationsRedirect)
+        Decidim::Devise::ConfirmationsController.include(Decidim::FriendlySignup::RegistrationsRedirect)
         Decidim::Devise::InvitationsController.include(Decidim::FriendlySignup::NeedsHeaderSnippets)
         Decidim::Devise::PasswordsController.include(Decidim::FriendlySignup::NeedsHeaderSnippets)
         Decidim::AccountController.include(Decidim::FriendlySignup::NeedsHeaderSnippets)
+        Decidim::RegistrationForm.include(Decidim::FriendlySignup::AutoNickname)
+        Decidim::User.include(Decidim::FriendlySignup::NeedsRegistrationCodes)
+      end
+      initializer "friendly_signup.confirmation_throttling" do
+        # Throttle confirmation attempts for a given code parameter to 6 reqs/minute
+        # Return the confirmation_token as a discriminator on POST /users/sign_in requests
+        Rack::Attack.throttle("limit confirmations attempts per code", limit: 5, period: 60.seconds) do |request|
+          request.params["confirmation_token"] if request.path == "/friendly_signup/confirmation_codes" && request.post?
+        end
       end
-      initializer "FriendlySignup.webpacker.assets_path" do
+      initializer "friendly_signup.webpacker.assets_path" do
         Decidim.register_assets_path File.expand_path("app/packs", root)
       end
     end

data/lib/decidim/friendly_signup/user_attribute_validator.rb ADDED Viewed

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+module Decidim
+  module FriendlySignup
+    class UserAttributeValidator
+      def initialize(attribute:, form:)
+        @attribute = attribute
+        @form = form
+      end
+      delegate :current_organization, to: :form
+      attr_reader :attribute, :form
+      def valid?
+        @valid ||= begin
+          form.validate
+          # we don't validate the form but the attribute alone
+          errors.blank?
+        end
+      end
+      def input
+        @input ||= form.public_send(attribute).to_s.dup if valid_attribute?
+      end
+      def errors
+        @errors ||= valid_attribute? ? form.errors[attribute] : ["Invalid attribute"]
+      end
+      def error
+        errors.flatten.map(&:upcase_first).join(". ") unless valid?
+      end
+      private
+      def valid_attribute?
+        %w(nickname email name password).include? attribute.to_s
+      end
+      def valid_suggestor?
+        ["nickname"].include? attribute.to_s
+      end
+      def valid_users
+        Decidim::UserBaseEntity.where(invitation_token: nil, organization: current_organization)
+      end
+    end
+  end
+end

data/lib/decidim/friendly_signup/version.rb CHANGED Viewed

@@ -5,6 +5,6 @@ module Decidim
   module FriendlySignup
     DECIDIM_VERSION = "0.26.2"
     COMPAT_DECIDIM_VERSION = "~> 0.26.0"
-    VERSION = "0.1"
+    VERSION = "0.4"
   end
 end

data/lib/decidim/friendly_signup.rb CHANGED Viewed

@@ -1,14 +1,46 @@
 # frozen_string_literal: true
+require "decidim/friendly_signup/version"
 require "decidim/friendly_signup/engine"
 module Decidim
   module FriendlySignup
     include ActiveSupport::Configurable
+    autoload :UserAttributeValidator, "decidim/friendly_signup/user_attribute_validator"
     # Whether to override passwords boxes or not
     config_accessor :override_passwords do
       true
     end
+    # Whether to use instant validation or not
+    config_accessor :use_instant_validation do
+      true
+    end
+    # Whether to hide nickname and generate it automatically
+    config_accessor :hide_nickname do
+      true
+    end
+    # Use confirmation codes instead of confirmation links
+    config_accessor :use_confirmation_codes do
+      true
+    end
+    # Generates a secure code from a string
+    def self.confirmation_code(hash)
+      num = Decidim::Tokenizer.new(salt: Rails.application.secret_key_base).int_digest(hash).to_s[0..3]
+      num += "0" while num.size < 4
+      num.to_i
+    end
   end
 end
+# Engines to handle logic unrelated to participatory spaces or components
+Decidim.register_global_engine(
+  :decidim_friendly_signup, # this is the name of the global method to access engine routes
+  ::Decidim::FriendlySignup::Engine,
+  at: "/friendly_signup"
+)

data/package-lock.json CHANGED Viewed

@@ -1,12 +1,12 @@
 {
   "name": "decidim-module-friendly_signup",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "decidim-module-friendly_signup",
-      "version": "0.1.0",
+      "version": "0.2.0",
       "license": "AGPL-3.0-or-later",
       "devDependencies": {
         "eslint": "^7.25.0",

data/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "decidim-module-friendly_signup",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "description": "A better signup process for Decidim",
   "main": "index.js",
   "directories": {

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: decidim-friendly_signup
 version: !ruby/object:Gem::Version
-  version: '0.1'
+  version: '0.4'
 platform: ruby
 authors:
 - Ivan Vergés
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-07-12 00:00:00.000000000 Z
+date: 2022-07-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: decidim-core
@@ -49,22 +49,37 @@ files:
 - README.md
 - Rakefile
 - app/controllers/concerns/decidim/friendly_signup/needs_header_snippets.rb
+- app/controllers/concerns/decidim/friendly_signup/registrations_redirect.rb
+- app/controllers/decidim/friendly_signup/application_controller.rb
+- app/controllers/decidim/friendly_signup/confirmation_codes_controller.rb
+- app/controllers/decidim/friendly_signup/validator_controller.rb
+- app/forms/concerns/decidim/friendly_signup/auto_nickname.rb
+- app/forms/decidim/friendly_signup/confirmation_code_form.rb
+- app/mailers/decidim/friendly_signup/confirmation_codes_mailer.rb
+- app/models/concerns/decidim/friendly_signup/needs_registration_codes.rb
 - app/packs/entrypoints/decidim_friendly_signup.js
 - app/packs/entrypoints/decidim_friendly_signup.scss
 - app/packs/images/decidim/friendly_signup/icon.svg
-- app/packs/src/decidim/friendly_signup/password_helper.js
-- app/packs/src/decidim/friendly_signup/password_toggler.js
+- app/packs/src/decidim/friendly_signup/lib/instant_validator.js
+- app/packs/src/decidim/friendly_signup/lib/password_toggler.js
+- app/packs/src/decidim/friendly_signup/setup_confirmations.js
+- app/packs/src/decidim/friendly_signup/setup_password.js
+- app/packs/src/decidim/friendly_signup/setup_validations.js
+- app/packs/stylesheets/decidim/friendly_signup/_confirmation-codes.scss
 - app/packs/stylesheets/decidim/friendly_signup/_input-groups.scss
 - app/views/decidim/account/_password_fields.html.erb
 - app/views/decidim/devise/invitations/edit.html.erb
 - app/views/decidim/devise/passwords/edit.html.erb
 - app/views/decidim/devise/registrations/new.html.erb
+- app/views/decidim/friendly_signup/confirmation_codes/index.html.erb
+- app/views/decidim/friendly_signup/confirmation_codes_mailer/confirmation_instructions.html.erb
 - app/views/decidim/friendly_signup/shared/_password_fields.html.erb
 - config/assets.rb
 - config/i18n-tasks.yml
 - config/locales/en.yml
 - lib/decidim/friendly_signup.rb
 - lib/decidim/friendly_signup/engine.rb
+- lib/decidim/friendly_signup/user_attribute_validator.rb
 - lib/decidim/friendly_signup/version.rb
 - package-lock.json
 - package.json