RubyGems - decidim-friendly_signup - Versions diffs - 0.2 → 0.4.1 - Mend

decidim-friendly_signup 0.2 → 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c631ec440674f278ea3a0f3369435831014443e36f2f4247d1a87d914e7e66c8
-  data.tar.gz: cf5ca968cfe4459a63471e02ff36dd38f28cfb042c3146e175c3766dab4a6571
+  metadata.gz: 4759703c0e6890c53f828d2db7be0ab349ca526cbe6d064d9d5b809e9429aea7
+  data.tar.gz: 6854425281b3d148d6cba8e8ed8d3b91ba3ae462a32b08d4b51540ac995c676f
 SHA512:
-  metadata.gz: cdd1a58fad3b2b40cb5f73497c3ca408a621afce743073b40c9fee720a4e9050e0d5a8f3b495e5024b6e807ce7fe8c61859e264259fd3ccec30424d025114bb3
-  data.tar.gz: b0437d886f9018aaed1a3f405f52032d77c8c01ec7f1f40bb8a61b708138f1eeedbacb424ab394d26048c7bb643d14b3579ddce4954cd5c2af521fea6ffc8f38
+  metadata.gz: aca757d63345ea7c3e0207809ccbe744dc976d056ff8f2c860b49af82842f7610ec5f4e5b381d1fd3e8355b0c461995c3f4dc054d5adb1f9fae987fd994fb409
+  data.tar.gz: 975dae306e8db7c651e597c7c83aa2bc59c5ae7b16109cc2e0969a307aa9bc575e01a17fe35249cfe772b97e01115871539688e6e9059db5bfdbdc5e1bf89c98

data/README.md CHANGED Viewed

@@ -18,9 +18,9 @@ This module simply substitutes some pages to ease up the registration process in
 - [x] Simplify the password field and add a button with a "show password". ![Show/hide password](examples/passwords.png)
-- [ ] Remove the nickname field from the registration process and automatically create one on registering
+- [x] Remove the nickname field from the registration process and automatically create one on registering. ![Hide nickname](examples/nickname.png)
 - [x] Instant validate parameters when registering without having to send it for backend validation. ![Instant validation](examples/instant_validation.png)
-- [ ] Use checkout codes to validate the email instead of a link
+- [x] Use numeric, confirmation codes to validate the email instead of a link. ![Confirmation codes](examples/confirmation_codes.png)
 ## Installation
@@ -42,6 +42,18 @@ And then execute:
 bundle
 ```
+For security reasons, it is also recomended to set a expiration time on confirmation tokens, to do that, make sure your Devise initializer has the variable `confirm_within` to certain amount of time.
+For instance, you can do that by creating an initializer such as:
+```ruby
+# config/initializers/devise.rb
+Devise.setup do |config|
+  config.confirm_within = 12.hours
+end
+```
 **Note:**
 The correct version of FriendlySignup should resolved automatically by the Bundler.
@@ -51,6 +63,8 @@ Depending on your Decidim version, choose the corresponding FriendlySignup versi
 | FriendlySignup version | Compatible Decidim versions |
 |---|---|
+| 0.4.x | 0.26.x |
+| 0.3.x | 0.26.x |
 | 0.2.x | 0.26.x |
 | 0.1.x | 0.26.x |
@@ -67,9 +81,50 @@ Decidim::FriendlySignup.configure do |config|
   # Automatically validate user inputs in the register form (default is true):
   config.use_instant_validation = false
+  # Hide nickname field and create one automatically from user's name or email (default is true)
+  config.hide_nickname = false
+  # Send the users a 4-digit number that needs to be entered in a confirmation page instead of a confirmation link (default is true)
+  config.use_confirmation_codes = false
 end
 ```
+### Customize error messages in instant validation
+You can customize any message either overriding in your application the files in `config/locales/*.yml` or by using a module like Term Customizer.
+This plugin uses a cascade-style fallback looking for a series of I18n keys and returns the first available. For instance, for the attribute `email` and the validation key `blank` it will look for these 3 possibilities, returning the first matching one:
+Specific attribute error:
+```yaml
+en:
+  decidim:
+    friendly_signup:
+      errors:
+        messages:
+          email:
+            blank: Please enter an email address
+```
+Generic error:
+```yaml
+en:
+  decidim:
+    friendly_signup:
+      errors:
+        messages:
+          blank: Looks like you haven’t entered anything in this field
+```
+Rails' default error:
+```yaml
+en:
+  errors:
+    messages:
+      blank: can't be blank
+```
 ## Contributing
 Bug reports and pull requests are welcome on GitHub at https://github.com/OpenSourcePolitics/decidim-module-friendly_signup.

data/app/controllers/concerns/decidim/friendly_signup/registrations_redirect.rb ADDED Viewed

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+require "active_support/concern"
+module Decidim
+  module FriendlySignup
+    module RegistrationsRedirect
+      extend ActiveSupport::Concern
+      included do
+        def after_sign_up_path_for(user)
+          codes_confirmation_path(user) || super(user)
+        end
+        def after_inactive_sign_up_path_for(user)
+          codes_confirmation_path(user) || super(user)
+        end
+        def after_resending_confirmation_instructions_path_for(resource_name)
+          user = Decidim::User.find_by email: params.dig(:user, :email)
+          codes_confirmation_path(user) || super(resource_name)
+        end
+      end
+      private
+      def codes_confirmation_path(user)
+        return if Decidim::FriendlySignup.use_confirmation_codes.blank?
+        return if user.blank?
+        return unless user.inactive_message.to_s == "unconfirmed"
+        set_flash_message! :notice, :signed_up_but_code_required
+        decidim_friendly_signup.confirmation_codes_path(confirmation_token: user.confirmation_token)
+      end
+    end
+  end
+end

data/app/controllers/decidim/friendly_signup/confirmation_codes_controller.rb ADDED Viewed

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+module Decidim
+  module FriendlySignup
+    class ConfirmationCodesController < Decidim::Devise::ConfirmationsController
+      include Decidim::FormFactory
+      include NeedsHeaderSnippets
+      before_action :require_unconfirmed_user
+      helper_method :user, :confirmation_form
+      def index; end
+      def create
+        if confirmation_form.valid?
+          user.confirm
+          flash[:success] = I18n.t("confirmation_codes.create.user_confirmed", name: user.name, scope: "decidim.friendly_signup")
+          return sign_in_and_redirect user, event: :authentication
+        end
+        flash.now[:alert] = confirmation_form.errors.messages.values.flatten.join(" ")
+        render :index
+      end
+      private
+      def confirmation_form
+        @confirmation_form ||= form(ConfirmationCodeForm).from_params(params)
+      end
+      def user
+        @user ||= User.find_by(confirmation_token: params[:confirmation_token], organization: current_organization)
+      end
+      def require_unconfirmed_user
+        return redirect_to decidim.user_confirmation_path unless FriendlySignup.use_confirmation_codes
+        unless user.present? && !user.confirmed?
+          flash[:alert] = I18n.t("confirmation_code_form.invalid_token", scope: "decidim.friendly_signup")
+          return redirect_to decidim.new_user_session_path
+        end
+        if user.send(:confirmation_period_expired?)
+          flash[:alert] = I18n.t("confirmation_code_form.expired", scope: "decidim.friendly_signup")
+          redirect_to decidim.user_confirmation_path
+        end
+      end
+    end
+  end
+end

data/app/forms/concerns/decidim/friendly_signup/auto_nickname.rb ADDED Viewed

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+require "active_support/concern"
+module Decidim
+  module FriendlySignup
+    module AutoNickname
+      extend ActiveSupport::Concern
+      included do
+        def nickname
+          return super unless FriendlySignup.hide_nickname
+          UserBaseEntity.nicknamize(name || email, organization: current_organization)
+        end
+        private
+        # nickname is removed from the view, so put any (that shouldn't ever happen) error on the base
+        def nickname_unique_in_organization
+          return false unless nickname
+          if valid_users.find_by("LOWER(nickname)= ? AND decidim_organization_id = ?", nickname.downcase, current_organization.id).present?
+            errors.add :base, :taken
+            errors.add :nickname, :taken
+          end
+        end
+        def valid_users
+          UserBaseEntity.where(invitation_token: nil)
+        end
+      end
+    end
+  end
+end

data/app/forms/decidim/friendly_signup/confirmation_code_form.rb ADDED Viewed

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+module Decidim
+  module FriendlySignup
+    class ConfirmationCodeForm < Decidim::Form
+      attribute :confirmation_token, String
+      attribute :code, Integer
+      attribute :confirmation_numbers, Array[Integer]
+      validates :confirmation_token, presence: true
+      validate :code_matches_confirmation_token
+      validate :user_exists
+      def user_code
+        code || confirmation_numbers.map(&:to_s).join("").to_i
+      end
+      private
+      def code_matches_confirmation_token
+        return if FriendlySignup.confirmation_code(confirmation_token) == user_code
+        errors.add(:code, I18n.t("confirmation_code_form.invalid", scope: "decidim.friendly_signup"))
+      end
+      def user_exists
+        return if User.exists?(confirmation_token: confirmation_token, organization: current_organization)
+        errors.add(:code, I18n.t("confirmation_code_form.invalid_token", scope: "decidim.friendly_signup"))
+      end
+    end
+  end
+end

data/app/mailers/decidim/friendly_signup/confirmation_codes_mailer.rb ADDED Viewed

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+module Decidim
+  module FriendlySignup
+    class ConfirmationCodesMailer < ApplicationMailer
+      include Decidim::LocalisedMailer
+      def confirmation_instructions(user, opts)
+        @user = user
+        @email = opts[:to] || user.email
+        @token = opts[:token]
+        @organization = user.organization
+        @code = FriendlySignup.confirmation_code(@token)
+        @expires_at = @user.confirmation_sent_at + @user.class.confirm_within if @user.class.confirm_within
+        with_user(user) do
+          mail(to: "#{user.name} <#{@email}>", subject: I18n.t("decidim.friendly_signup.confirmation_codes.mailer.subject", organization: @organization.name))
+        end
+      end
+    end
+  end
+end

data/app/models/concerns/decidim/friendly_signup/needs_registration_codes.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+require "active_support/concern"
+module Decidim
+  module FriendlySignup
+    module NeedsRegistrationCodes
+      extend ActiveSupport::Concern
+      included do
+        def send_confirmation_instructions
+          return super if Decidim::FriendlySignup.use_confirmation_codes.blank?
+          return super unless inactive_message.to_s == "unconfirmed"
+          generate_confirmation_token! unless @raw_confirmation_token
+          opts = pending_reconfirmation? ? { to: unconfirmed_email } : {}
+          opts[:token] = @raw_confirmation_token
+          ConfirmationCodesMailer.confirmation_instructions(self, opts).deliver_now
+        end
+      end
+    end
+  end
+end

data/app/packs/entrypoints/decidim_friendly_signup.js CHANGED Viewed

@@ -1,5 +1,6 @@
 import "src/decidim/friendly_signup/setup_password"
 import "src/decidim/friendly_signup/setup_validations"
+import "src/decidim/friendly_signup/setup_confirmations"
 // CSS
 import "entrypoints/decidim_friendly_signup.scss";

data/app/packs/entrypoints/decidim_friendly_signup.scss CHANGED Viewed

@@ -1,2 +1,3 @@
 /* css for decidim_friendly_signup */
 @import "stylesheets/decidim/friendly_signup/input-groups";
+@import "stylesheets/decidim/friendly_signup/confirmation-codes";

data/app/packs/src/decidim/friendly_signup/lib/instant_validator.js CHANGED Viewed

@@ -15,6 +15,10 @@ export default class InstantValidator {
   }
   init() {
+    if (!this.url || !this.$form.length) {
+      return;
+    }
+    this.$form.foundation("disableValidation");
     // this final validation prevents abide from resetting the field when user loses focus
     this.$inputs.on("blur", (evt) => {
       this.validate($(evt.currentTarget));
@@ -49,10 +53,15 @@ export default class InstantValidator {
   }
   validate($input) {
+    let $recheck = $($input.data("instantRecheck"));
     this.tamper($input);
     this.post($input).done((response) => {
       this.setFeedback(response, $input);
     });
+    if ($recheck.length && this.isTampered($recheck)) {
+      this.validate($recheck)
+    }
   }
   setFeedback(data, $input) {
@@ -72,13 +81,14 @@ export default class InstantValidator {
   }
   addErrors($dest, msg) {
+    console.log("$dest", $dest, "%form", this.$form)
     if ($dest.closest("label").find(".form-error").length > 1) {
       // Decidim may add and additional error class that does not play well with abide
       $dest.closest("label").find(".form-error:last").remove();
     }
     this.$form.foundation("addErrorClasses", $dest);
     if (msg) {
-      $dest.closest("label").find(".form-error").text(msg);
+      $dest.closest("label").find(".form-error").html(msg);
     }
   }

data/app/packs/src/decidim/friendly_signup/setup_confirmations.js ADDED Viewed

@@ -0,0 +1,57 @@
+$(() => {
+  const $inputs = $('.confirmation-code-inputs input[type="number"]');
+  const $form = $inputs.closest("form");
+  const intRegex = /^\d+$/;
+  let disableManual = false;
+  // Parses the individual digits into the individual boxes.
+  const pasteValues = (element, $first) => {
+    const values = element.split("");
+    let $inputBox = $first;
+    $(values).each((index) => {
+      $inputBox.val(values[index]);
+      $inputBox = $inputBox.next('input[type="number"]');
+      if ($inputBox.length === 0) {
+        $form.submit();
+      }
+    });
+  };
+  $inputs.on("focus", (e) => {
+    $(e.target).select();
+  });
+  // Prevents user from manually entering non-digits.
+  $inputs.on("input.fromManual", (e) => {
+    if (disableManual) {
+      return;
+    }
+    const $this = $(e.target);
+    if (intRegex.test($this.val())) {
+      pasteValues($this.val(), $this);
+      $this.next('input[type="number"]').focus();
+    } else {
+      $this.val("");
+    }
+  });
+  $inputs.on("paste", (evt) => {
+    const $this = $(evt.target);
+    const originalValue = $this.val();
+    $this.val("");
+    disableManual = true;
+    $this.one("input.fromPaste", (e) => {
+      const $currentInputBox = $(e.target);
+      const pastedValue = $currentInputBox.val();
+      if (intRegex.test(pastedValue)) {
+        pasteValues(pastedValue, $inputs.eq(0));
+      }
+      else {
+        $this.val(originalValue);
+      }
+      disableManual = false;
+    });
+  });
+});

data/app/packs/stylesheets/decidim/friendly_signup/_confirmation-codes.scss ADDED Viewed

@@ -0,0 +1,23 @@
+.confirmation-code-inputs {
+  display: flex;
+  justify-content: center;
+  margin: 2rem;
+  input[type="number"] {
+    width: 15%;
+    font-size: 5em;
+    height: 1.2em;
+    line-height: 1;
+    padding: 0;
+    margin: 0 2%;
+    text-align: center;
+    box-shadow: 1px 3px 3px #bbb;
+    -moz-appearance: textfield;
+    &::-webkit-inner-spin-button,
+    &::-webkit-outer-spin-button {
+      -webkit-appearance: none;
+      margin: 0;
+    }
+  }
+}

data/app/views/decidim/devise/invitations/edit.html.erb CHANGED Viewed

@@ -10,7 +10,7 @@
   <div class="row">
     <div class="columns large-6 medium-10 medium-centered">
-      <%= decidim_form_for resource, namespace: "invitation", as: resource_name, url: invitation_path(resource_name, invite_redirect: params[:invite_redirect]), html: { method: :put, class: "register-form new_user" } do |f| %>
+      <%= decidim_form_for(resource, namespace: "invitation", as: resource_name, url: invitation_path(resource_name, invite_redirect: params[:invite_redirect]), html: { method: :put, class: "register-form new_user#{friendly_override_activated?(:use_instant_validation) ? ' instant-validation' : ''}" } , data: { "validation-url" => decidim_friendly_signup.validate_path }) do |f| %>
         <div class="card">
           <div class="card__content">
             <legend><%= t("sign_up_as.legend", scope: "decidim.devise.registrations.new") %></legend>
@@ -19,14 +19,16 @@
             <%= f.hidden_field :invitation_token %>
-            <div class="user-nickname">
-              <div class="field">
-                <%= f.text_field :nickname, help_text: t("devise.invitations.edit.nickname_help", organization: current_organization.name), required: "required", prefix: { value: "@", small: 1, large: 1 } %>
+            <% unless friendly_override_activated?(:hide_nickname) %>
+              <div class="user-nickname">
+                <div class="field">
+                  <%= f.text_field :nickname, help_text: t("devise.invitations.edit.nickname_help", organization: current_organization.name), required: "required", prefix: { value: "@", small: 1, large: 1 }, data: { "instant-attribute" => "nickname", "instant-recheck" => "password" } %>
+                </div>
               </div>
-            </div>
+            <% end %>
             <% if f.object.class.require_password_on_accepting %>
-              <%= render("decidim/friendly_signup/shared/password_fields", form: f, options: { required: "required", minlength: ::PasswordValidator::MINIMUM_LENGTH, maxlength: ::PasswordValidator::MAX_LENGTH }) %>
+              <%= render("decidim/friendly_signup/shared/password_fields", form: f, options: { required: true, autocomplete: "off", help_text: t("devise.passwords.edit.password_help", minimun_characters: ::PasswordValidator::MINIMUM_LENGTH), minlength: ::PasswordValidator::MINIMUM_LENGTH, maxlength: ::PasswordValidator::MAX_LENGTH, data: { "instant-attribute" => "password" } }) %>
             <% end %>
           </div>
         </div>

data/app/views/decidim/devise/passwords/edit.html.erb CHANGED Viewed

@@ -10,12 +10,12 @@
     <div class="columns medium-7 large-5 medium-centered">
       <div class="card">
         <div class="card__content">
-          <%= decidim_form_for(resource, namespace: "password", as: resource_name, url: password_path(resource_name), html: { method: :put, class: "register-form new_user" }) do |f| %>
+          <%= decidim_form_for(resource, namespace: "password", as: resource_name, url: password_path(resource_name), html: { method: :put, class: "register-form new_user#{friendly_override_activated?(:use_instant_validation) ? ' instant-validation' : ''}" } , data: { "validation-url" => decidim_friendly_signup.validate_path }) do |f| %>
             <%= form_required_explanation %>
             <%= f.hidden_field :reset_password_token %>
-            <%= render("decidim/friendly_signup/shared/password_fields", form: f, options: { autocomplete: "off", help_text: t("devise.passwords.edit.password_help", minimun_characters: ::PasswordValidator::MINIMUM_LENGTH) }) %>
+            <%= render("decidim/friendly_signup/shared/password_fields", form: f, options: { required: true, autocomplete: "off", help_text: t("devise.passwords.edit.password_help", minimun_characters: ::PasswordValidator::MINIMUM_LENGTH), minlength: ::PasswordValidator::MINIMUM_LENGTH, maxlength: ::PasswordValidator::MAX_LENGTH, data: { "instant-attribute" => "password" } }) %>
             <div class="actions">
               <%= f.submit t("devise.passwords.edit.change_my_password"), class: "button expanded" %>

data/app/views/decidim/devise/registrations/new.html.erb CHANGED Viewed

@@ -26,7 +26,7 @@
   <div class="row">
     <div class="columns large-6 medium-10 medium-centered">
-      <%= decidim_form_for(@form, namespace: "registration", as: resource_name, url: registration_path(resource_name), html: { class: "register-form new_user#{friendly_override_activated?(:use_instant_validation) && ' instant-validation'}", id: "register-form" }, data: { "validation-url": decidim_friendly_signup.validate_path }) do |f| %>
+      <%= decidim_form_for(@form, namespace: "registration", as: resource_name, url: registration_path(resource_name), html: { class: "register-form new_user#{friendly_override_activated?(:use_instant_validation) ? ' instant-validation' : ''}", id: "register-form" }, data: { "validation-url" => decidim_friendly_signup.validate_path }) do |f| %>
         <%= invisible_captcha %>
         <div class="card">
           <div class="card__content">
@@ -34,21 +34,23 @@
             <div class="user-person">
               <div class="field">
-                <%= f.text_field :name, help_text: t(".username_help"), autocomplete: "off" %>
+                <%= f.text_field :name, help_text: t(".username_help"), autocomplete: "off", data: { "instant-attribute" => "name", "instant-recheck" => "#registration_user_password" } %>
               </div>
             </div>
-            <div class="user-nickname">
-              <div class="field">
-                <%= f.text_field :nickname, help_text: t(".nickname_help", organization: current_organization.name), prefix: { value: "@", small: 1, large: 1 }, autocomplete: "off" %>
+            <% unless friendly_override_activated?(:hide_nickname) %>
+              <div class="user-nickname">
+                <div class="field">
+                  <%= f.text_field :nickname, help_text: t(".nickname_help", organization: current_organization.name), prefix: { value: "@", small: 1, large: 1 }, autocomplete: "off", data: { "instant-attribute" => "nickname", "instant-recheck" => "#registration_user_password" } %>
+                </div>
               </div>
-            </div>
+            <% end %>
             <div class="field">
-              <%= f.email_field :email, autocomplete: "email", data: { "instant-attribute": "email" } %>
+              <%= f.email_field :email, autocomplete: "email", data: { "instant-attribute" => "email", "instant-recheck" => "#registration_user_password" } %>
             </div>
-            <%= render("decidim/friendly_signup/shared/password_fields", form: f, options: { required: true, help_text: t(".password_help", minimun_characters: ::PasswordValidator::MINIMUM_LENGTH), autocomplete: "off", data: { "instant-attribute": "password" } }) %>
+            <%= render("decidim/friendly_signup/shared/password_fields", form: f, options: { required: true, help_text: t(".password_help", minimun_characters: ::PasswordValidator::MINIMUM_LENGTH), autocomplete: "off", data: { "instant-attribute" => "password" } }) %>
           </div>
         </div>

data/app/views/decidim/devise/sessions/new.html.erb ADDED Viewed

@@ -0,0 +1,58 @@
+<% add_decidim_page_title(t("devise.sessions.new.sign_in")) %>
+<div class="wrapper">
+  <div class="row collapse">
+    <div class="row collapse">
+      <div class="columns large-8 large-centered text-center page-title">
+        <h1><%= t("devise.sessions.new.sign_in") %></h1>
+        <% if current_organization.sign_up_enabled? %>
+          <p>
+            <%= t(".are_you_new?") %>
+            <%= link_to t(".register"), new_user_registration_path %>
+          </p>
+        <% elsif current_organization.sign_in_enabled? %>
+          <p>
+            <%= t(".sign_up_disabled") %>
+          </p>
+        <% else %>
+          <p>
+            <%= t(".sign_in_disabled") %>
+          </p>
+        <% end %>
+      </div>
+    </div>
+    <% cache current_organization do %>
+      <%= render "decidim/devise/shared/omniauth_buttons" %>
+    <% end %>
+    <% if current_organization.sign_in_enabled? %>
+      <div class="row">
+        <div class="columns large-6 medium-centered">
+          <div class="card">
+            <div class="card__content">
+              <%= decidim_form_for(resource, namespace: "session", as: resource_name, url: session_path(resource_name), html: { class: "register-form new_user" }) do |f| %>
+                <div>
+                  <div class="field">
+                    <%= f.email_field :email %>
+                  </div>
+                  <div class="field">
+                    <%= render("decidim/friendly_signup/shared/password_fields", form: f, options: { autocomplete: "off" }) %>
+                  </div>
+                </div>
+                  <% if devise_mapping.rememberable? %>
+                    <div class="field">
+                      <%= f.check_box :remember_me %>
+                    </div>
+                  <% end %>
+                <div class="actions">
+                  <%= f.submit t("devise.sessions.new.sign_in"), class: "button expanded" %>
+                </div>
+              <% end %>
+              <%= render "decidim/devise/shared/links" %>
+            </div>
+          </div>
+        </div>
+      </div>
+    <% end %>
+  </div>
+</div>

data/app/views/decidim/friendly_signup/confirmation_codes/index.html.erb ADDED Viewed

@@ -0,0 +1,38 @@
+<% add_decidim_page_title(t(".enter_code")) %>
+<div class="wrapper">
+<div class="row collapse">
+  <div class="row collapse">
+    <div class="columns large-8 large-centered text-center page-title">
+      <h1><%= t(".title") %></h1>
+      <h6><%= t(".subtitle") %></h6>
+    </div>
+  </div>
+  <div class="row">
+    <div class="columns medium-10 large-8 medium-centered">
+      <div class="card">
+        <div class="card__content">
+          <p class="text-center"><%= t(".description", email: "<strong>#{user.email}</strong>").html_safe %></p>
+          <%= decidim_form_for(confirmation_form, url: decidim_friendly_signup.confirmation_codes_path(confirmation_token: confirmation_form.confirmation_token)) do |f| %>
+            <div class="field confirmation-code-inputs">
+              <%= number_field_tag "confirmation_numbers[0]", "", autofocus: true, autocomplete: :off %>
+              <%= number_field_tag "confirmation_numbers[1]", "", autocomplete: :off %>
+              <%= number_field_tag "confirmation_numbers[2]", "", autocomplete: :off %>
+              <%= number_field_tag "confirmation_numbers[3]", "", autocomplete: :off %>
+            </div>
+            <div class="actions text-center">
+              <%= f.submit t(".verify"), class: "button text-uppercase" %>
+            </div>
+          <% end %>
+          <p class="text-center">
+            <%= link_to t(".code_not_received"), decidim.user_confirmation_path(confirmation_token: confirmation_form.confirmation_token, "user[email]" => user.email), method: :post, data: { confirm: t(".confirm_send_code", email: user.email) } %>
+          </p>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
+</div>

data/app/views/decidim/friendly_signup/confirmation_codes_mailer/confirmation_instructions.html.erb ADDED Viewed

@@ -0,0 +1,13 @@
+<h1 class="text-center"><%= t(".title") %></h1>
+<p class="email-instructions text-center"><%= t(".subtitle", organization: link_to(@organization.name, decidim_friendly_signup.confirmation_codes_path(confirmation_token: @token))).html_safe %></p>
+<h3 class="email-instruction text-center" style="margin:1em 0 0.2em 0;"><%= t(".copy") %></h3>
+<p class="stat text-center" style="margin:1em 0 0.5em 0;"><b style="font-size: 2em"><%= @code %></b></p>
+<% if @expires_at %>
+  <p class="email-small text-center" style="margin-bottom: 2em;"><%= t(".expires_in", time: distance_of_time_in_words(Time.now, @expires_at, scope: "decidim.friendly_signup.datetime.distance_in_words")) %></p>
+<% end %>
+<p class="email-small email-closing text-center"><%= t(".ignore").html_safe %></p>

data/config/locales/en.yml CHANGED Viewed

@@ -1,10 +1,109 @@
 ---
 en:
+  activemodel:
+    attributes:
+      confirmation_code:
+        code: Confirmation code
   decidim:
     friendly_signup:
+      confirmation_code_form:
+        expired: Sorry, this code has expired, please generate a new one.
+        invalid: Code is invalid, please make sure to copy the code emailed to you.
+        invalid_token: Invalid token.
+      confirmation_codes:
+        create:
+          user_confirmed: Welcome %{name}! Your account has been succesfully confirmed!
+        index:
+          code_not_received: Didn't receive the code?
+          confirm_send_code: Do you want to resend the confirmation code to %{email}?<br>Be
+            sure to check the spam folder just in case!
+          description: You should receive a 4 digit code at %{email}.<br>If you can't
+            find it, please check your spam folder or wait  up to 10 minutes.
+          enter_code: Enter code
+          subtitle: You need to confirm your email address to be able to submit proposals,
+            comment and vote.
+          title: One last step...
+          verify: Verify
+        mailer:
+          subject: Confirm your account at %{organization}
+        resend_code:
+          sent: The confirmation code has been sent to %{email}.
+      confirmation_codes_mailer:
+        confirmation_instructions:
+          copy: 'Copy this code:'
+          expires_in: It will expire in %{time}.
+          ignore: |-
+            If you didn't request this comunication, please ignore this email.<br />
+            Your account won't be active until your account is fully confirmed.
+          subtitle: To finalize the registration you just need to copy the 4 digit
+            code below, go back to the %{organization} signup page and paste it!
+          title: You're almost there!
+      datetime:
+        distance_in_words:
+          about_x_hours:
+            one: about 1 hour
+            other: about %{count} hours
+          about_x_months:
+            one: about 1 month
+            other: about %{count} months
+          about_x_years:
+            one: about 1 year
+            other: about %{count} years
+          almost_x_years:
+            one: almost 1 year
+            other: almost %{count} years
+          half_a_minute: half a minute
+          less_than_x_minutes:
+            one: less than a minute
+            other: less than %{count} minutes
+          less_than_x_seconds:
+            one: less than 1 second
+            other: less than %{count} seconds
+          over_x_years:
+            one: over 1 year
+            other: over %{count} years
+          x_days:
+            one: 1 day
+            other: "%{count} days"
+          x_minutes:
+            one: 1 minute
+            other: "%{count} minutes"
+          x_months:
+            one: 1 month
+            other: "%{count} months"
+          x_seconds:
+            one: 1 second
+            other: "%{count} seconds"
+      errors:
+        messages:
+          blank: Looks like you haven’t entered anything in this field
+          email:
+            blank: Please enter an email address
+            invalid: The email address looks incomplete
+            taken: This email is already in use for another account. Try signing in
+              or use another email
+          password:
+            email_included_in_password: The password you have entered is too similar
+              to your email
+            name_included_in_password: The password you have entered is too similar
+              to your name
+            nickname_included_in_password: The password you have entered is too similar
+              to your nickname
+            not_enough_unique_characters: The password you have entered does not have
+              enough different characters
+            password_too_common: The password you have entered is very common - we
+              suggest using a different password
+            password_too_short: The password you have entered is too short
       shared:
         password_fields:
           hidden_password: Your password is hidden
           hide_password: Hide password
           show_password: Show password
           shown_password: Your password is shown
+  devise:
+    confirmations:
+      signed_up_but_code_required: A message with a code has been sent to your email
+        address. Please copy and paste the received code in this page.
+    registrations:
+      signed_up_but_code_required: A message with a code has been sent to your email
+        address. Please copy and paste the received code in this page.

data/lib/decidim/friendly_signup/engine.rb CHANGED Viewed

@@ -2,6 +2,7 @@
 require "rails"
 require "decidim/core"
+require "rack/attack"
 module Decidim
   module FriendlySignup
@@ -10,20 +11,37 @@ module Decidim
       isolate_namespace Decidim::FriendlySignup
       routes do
+        devise_scope :user do
+          resources :confirmation_codes, only: [:index, :create]
+        end
         post :validate, to: "validator#validate"
+        put :validate, to: "validator#validate"
       end
       # Prepare a zone to create overrides
       # https://edgeguides.rubyonrails.org/engines.html#overriding-models-and-controllers
       # overrides
       config.after_initialize do
+        Decidim::Devise::SessionsController.include(Decidim::FriendlySignup::NeedsHeaderSnippets)
         Decidim::Devise::RegistrationsController.include(Decidim::FriendlySignup::NeedsHeaderSnippets)
-        Decidim::Devise::InvitationsController.include(Decidim::FriendlySignup::NeedsHeaderSnippets)
         Decidim::Devise::PasswordsController.include(Decidim::FriendlySignup::NeedsHeaderSnippets)
+        Decidim::Devise::InvitationsController.include(Decidim::FriendlySignup::NeedsHeaderSnippets)
+        Decidim::Devise::RegistrationsController.include(Decidim::FriendlySignup::RegistrationsRedirect)
+        Decidim::Devise::ConfirmationsController.include(Decidim::FriendlySignup::RegistrationsRedirect)
         Decidim::AccountController.include(Decidim::FriendlySignup::NeedsHeaderSnippets)
+        Decidim::RegistrationForm.include(Decidim::FriendlySignup::AutoNickname)
+        Decidim::User.include(Decidim::FriendlySignup::NeedsRegistrationCodes)
+      end
+      initializer "friendly_signup.confirmation_throttling" do
+        # Throttle confirmation attempts for a given code parameter to 6 reqs/minute
+        # Return the confirmation_token as a discriminator on POST /users/sign_in requests
+        Rack::Attack.throttle("limit confirmations attempts per code", limit: 5, period: 60.seconds) do |request|
+          request.params["confirmation_token"] if request.path == "/friendly_signup/confirmation_codes" && request.post?
+        end
       end
-      initializer "FriendlySignup.webpacker.assets_path" do
+      initializer "friendly_signup.webpacker.assets_path" do
         Decidim.register_assets_path File.expand_path("app/packs", root)
       end
     end

data/lib/decidim/friendly_signup/user_attribute_validator.rb CHANGED Viewed

@@ -28,11 +28,44 @@ module Decidim
       end
       def error
-        errors.flatten.map(&:upcase_first).join(". ") unless valid?
+        return if valid?
+        errors.map do |msg|
+          key = find_key(msg)
+          next if key == :nickname_included_in_password && FriendlySignup.hide_nickname.present?
+          custom_error(key).presence || msg.upcase_first
+        end.join(".<br>")
       end
       private
+      def custom_error(key)
+        return if key.blank?
+        generic = I18n.t(key, scope: "decidim.friendly_signup.errors.messages", default: "")
+        I18n.t("#{attribute}.#{key}", scope: "decidim.friendly_signup.errors.messages", default: generic)
+      end
+      def find_key(msg)
+        case attribute
+        when "password"
+          [:blacklisted,
+           :domain_included_in_password,
+           :email_included_in_password,
+           :fallback,
+           :name_included_in_password,
+           :nickname_included_in_password,
+           :not_enough_unique_characters,
+           :password_not_allowed,
+           :password_too_common,
+           :password_too_long,
+           :password_too_short].find { |key| msg == I18n.t(key, scope: "password_validator") }
+        else
+          [:blank, :invalid, :taken].find { |key| msg == I18n.t(key, scope: "errors.messages") }
+        end
+      end
       def valid_attribute?
         %w(nickname email name password).include? attribute.to_s
       end
@@ -40,10 +73,6 @@ module Decidim
       def valid_suggestor?
         ["nickname"].include? attribute.to_s
       end
-      def valid_users
-        Decidim::UserBaseEntity.where(invitation_token: nil, organization: current_organization)
-      end
     end
   end
 end

data/lib/decidim/friendly_signup/version.rb CHANGED Viewed

@@ -5,6 +5,6 @@ module Decidim
   module FriendlySignup
     DECIDIM_VERSION = "0.26.2"
     COMPAT_DECIDIM_VERSION = "~> 0.26.0"
-    VERSION = "0.2"
+    VERSION = "0.4.1"
   end
 end

data/lib/decidim/friendly_signup.rb CHANGED Viewed

@@ -18,6 +18,23 @@ module Decidim
     config_accessor :use_instant_validation do
       true
     end
+    # Whether to hide nickname and generate it automatically
+    config_accessor :hide_nickname do
+      true
+    end
+    # Use confirmation codes instead of confirmation links
+    config_accessor :use_confirmation_codes do
+      true
+    end
+    # Generates a secure code from a string
+    def self.confirmation_code(hash)
+      num = Decidim::Tokenizer.new(salt: Rails.application.secret_key_base).int_digest(hash).to_s[0..3]
+      num += "0" while num.size < 4
+      num.to_i
+    end
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: decidim-friendly_signup
 version: !ruby/object:Gem::Version
-  version: '0.2'
+  version: 0.4.1
 platform: ruby
 authors:
 - Ivan Vergés
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-07-13 00:00:00.000000000 Z
+date: 2022-07-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: decidim-core
@@ -49,20 +49,31 @@ files:
 - README.md
 - Rakefile
 - app/controllers/concerns/decidim/friendly_signup/needs_header_snippets.rb
+- app/controllers/concerns/decidim/friendly_signup/registrations_redirect.rb
 - app/controllers/decidim/friendly_signup/application_controller.rb
+- app/controllers/decidim/friendly_signup/confirmation_codes_controller.rb
 - app/controllers/decidim/friendly_signup/validator_controller.rb
+- app/forms/concerns/decidim/friendly_signup/auto_nickname.rb
+- app/forms/decidim/friendly_signup/confirmation_code_form.rb
+- app/mailers/decidim/friendly_signup/confirmation_codes_mailer.rb
+- app/models/concerns/decidim/friendly_signup/needs_registration_codes.rb
 - app/packs/entrypoints/decidim_friendly_signup.js
 - app/packs/entrypoints/decidim_friendly_signup.scss
 - app/packs/images/decidim/friendly_signup/icon.svg
 - app/packs/src/decidim/friendly_signup/lib/instant_validator.js
 - app/packs/src/decidim/friendly_signup/lib/password_toggler.js
+- app/packs/src/decidim/friendly_signup/setup_confirmations.js
 - app/packs/src/decidim/friendly_signup/setup_password.js
 - app/packs/src/decidim/friendly_signup/setup_validations.js
+- app/packs/stylesheets/decidim/friendly_signup/_confirmation-codes.scss
 - app/packs/stylesheets/decidim/friendly_signup/_input-groups.scss
 - app/views/decidim/account/_password_fields.html.erb
 - app/views/decidim/devise/invitations/edit.html.erb
 - app/views/decidim/devise/passwords/edit.html.erb
 - app/views/decidim/devise/registrations/new.html.erb
+- app/views/decidim/devise/sessions/new.html.erb
+- app/views/decidim/friendly_signup/confirmation_codes/index.html.erb
+- app/views/decidim/friendly_signup/confirmation_codes_mailer/confirmation_instructions.html.erb
 - app/views/decidim/friendly_signup/shared/_password_fields.html.erb
 - config/assets.rb
 - config/i18n-tasks.yml