quo_vadis 2.0.1 → 2.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9ed3f9c506465f26124edf6207abe8bd40d8a87587d779c9789a882eb3894153
-  data.tar.gz: 9fb0294a48aef63132e359c97529e9547d3f6e6425ebcd734b2eff08a385fe2f
+  metadata.gz: aca902d10c618abd2c9c0461aac204236b4ef7565911aafb5bb12dfe1e3b25e1
+  data.tar.gz: 3417365d9ca59d5e17a1b28118d3c9ec439b77fb228da9968512786dd3797a12
 SHA512:
-  metadata.gz: a40cb588843f7e78d186e3203ac082e7238ceb21ced56393b26822b353797f214cd4d0bc77242a1d51d4e197a6ca95f2d0b6eebd97a8f730bda48eb2f86c9c3b
-  data.tar.gz: 826424470205327161484deff2aa1a031fd7426bf189c493488a9223fbe542b32ea47c89faa6b732fc3fe9d02da6bcd59cd7d31d042b9a30b775e3fae9229c34
+  metadata.gz: 5ffdeced9bd86b0a64fe21f3491f3ad03cb2098f0687b663ab794c37e278383ad235df856d8a18bf8e73108d602661990992dd033cbc1358849b8824ac25aff6
+  data.tar.gz: 59c52478f7a5bc8ee0befe682ee520feec894c6fefe875cc84395e827ae62f9cbf5eb588862cf8eb3888b5b0ba102700b61f5d401156dc9eff893e05307d1787

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 # CHANGELOG
 
 
+## HEAD
+
+
+## 2.0.2 (24 May 2021)
+
+* Account confirmation: enable updating of email address.
+* Account confirmation: enable direct resending of email.
+* Log unknown identifier in metadata.
+
+
 ## 2.0.1 (18 May 2021)
 
 * Remove Gemfile.lock from repo.

data/README.md

@@ -232,7 +232,7 @@ class UsersController < ApplicationController
     @user = User.new user_params
     if @user.save
       request_confirmation @user
-      redirect_to qv.confirmations_path  # a page where you advise the user to check their email
+      redirect_to quo_vadis.confirmations_path  # a page where you advise the user to check their email
     else
       # ...
     end
@@ -252,7 +252,7 @@ See the Configuration section below for how to set QuoVadis's emails' from addre
 
 Now write the page to where the user is redirected while they wait for the email ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/confirmations/index.html.erb)).  It must be in `app/views/quo_vadis/confirmations/index.html.:format`.
 
-It's a good idea for that page to link to `new_confirmation_path` where the user can request another email if need be.
+On that page you can show the user the address the email was sent to, enable them to update their email address if they make a mistake on the sign-up form, and provide a button to resend another email directly.  If the sign-up occurred in a different browser session, you can instead link to `new_confirmation_path` where the user can request another email if need be.
 
 Next, write the page to which the link in the email points ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/confirmations/edit.html.erb)).  It must be in `app/views/quo_vadis/confirmations/edit.html.:format`.
 
@@ -488,13 +488,32 @@ For example, the default login path is at `/login`.  If you set `mount_point` to
 
 #### Rails configuration
 
+__Mailer URLs__
+
 You must also configure the mailer host so URLs are generated correctly in emails:
 
 ```ruby
 config.action_mailer.default_url_options: { host: 'example.com' }
 ```
 
-Finally, you can set up your post-authentication and post-password-change routes.  If you don't, you must have a root route.  For example:
+__Layouts__
+
+You can specify QuoVadis's controllers' layouts in a `#to_prepare` block in your application configuration.  For example:
+
+```ruby
+# config/application.rb
+module YourApp
+  class Application < Rails::Application
+    config.to_prepare do
+      QuoVadis::ConfirmationsController.layout 'your_layout'
+    end
+  end
+end
+```
+
+__Routes__
+
+You can set up your post-authentication and post-password-change routes.  If you don't, you must have a root route.  For example:
 
 ```ruby
 # config/routes.rb

data/app/controllers/quo_vadis/confirmations_controller.rb

@@ -5,6 +5,7 @@ module QuoVadis
 
     # holding page
     def index
+      @account = find_pending_account_from_session
     end
 
 
@@ -45,12 +46,57 @@ module QuoVadis
       end
 
       account.confirmed!
-
       qv.log account, Log::ACCOUNT_CONFIRMATION
 
+      session.delete :account_pending_confirmation
+
       login account.model, true
       redirect_to qv.path_after_authentication, notice: QuoVadis.translate('flash.confirmation.confirmed')
     end
 
+
+    def edit_email
+      account = find_pending_account_from_session
+
+      unless account
+        redirect_to confirmations_path, alert: QuoVadis.translate('flash.confirmation.unknown') and return
+      end
+
+      @email = account.model.email
+    end
+
+
+    def update_email
+      account = find_pending_account_from_session
+
+      unless account
+        redirect_to confirmations_path, alert: QuoVadis.translate('flash.confirmation.unknown') and return
+      end
+
+      account.model.update email: params[:email]
+
+      request_confirmation account.model
+      redirect_to confirmations_path
+    end
+
+
+    def resend
+      account = find_pending_account_from_session
+
+      unless account
+        redirect_to confirmations_path, alert: QuoVadis.translate('flash.confirmation.unknown') and return
+      end
+
+      request_confirmation account.model
+      redirect_to confirmations_path
+    end
+
+
+    private
+
+    def find_pending_account_from_session
+      Account.find(session[:account_pending_confirmation]) if session[:account_pending_confirmation]
+    end
+
   end
 end

data/app/controllers/quo_vadis/sessions_controller.rb

@@ -21,7 +21,7 @@ module QuoVadis
       account = QuoVadis.find_account_by_identifier_in_params params
 
       unless account
-        qv.log nil, Log::LOGIN_UNKNOWN
+        qv.log nil, Log::LOGIN_UNKNOWN, identifier: QuoVadis.identifier_value_in_params(params)
         flash.now[:alert] = QuoVadis.translate 'flash.login.failed'
         render :new
         return

data/config/routes.rb

@@ -15,7 +15,13 @@ QuoVadis::Engine.routes.draw do
   get '/pwd-reset/:token', to: 'password_resets#edit',   as: 'edit_password_reset'
   put '/pwd-reset/:token', to: 'password_resets#update', as: 'password_reset'
 
-  resources :confirmations, only: [:new, :create, :index]
+  resources :confirmations, only: [:new, :create, :index] do
+    collection do
+      get :edit_email
+      put :update_email
+      post :resend
+    end
+  end
   get '/confirm/:token', to: 'confirmations#edit',   as: 'edit_confirmation'
   put '/confirm/:token', to: 'confirmations#update', as: 'confirmation'
 

data/lib/quo_vadis.rb

@@ -45,8 +45,12 @@ module QuoVadis
     end
 
     def find_account_by_identifier_in_params(params)
+      Account.find_by identifier: identifier_value_in_params(params)
+    end
+
+    def identifier_value_in_params(params)
       identifier = detect_identifier params.keys
-      Account.find_by identifier: params[identifier]
+      params[identifier]
     end
 
     # model - string class name, e.g. 'User'

data/lib/quo_vadis/controller.rb

@@ -89,6 +89,7 @@ module QuoVadis
     def request_confirmation(model)
       token = QuoVadis::AccountConfirmationToken.generate model.qv_account
       QuoVadis.deliver :account_confirmation, email: model.email, url: quo_vadis.edit_confirmation_url(token)
+      session[:account_pending_confirmation] = model.qv_account.id
 
       flash[:notice] = QuoVadis.translate 'flash.confirmation.create'
     end

data/lib/quo_vadis/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module QuoVadis
-  VERSION = '2.0.1'
+  VERSION = '2.0.2'
 end

data/test/dummy/app/controllers/sign_ups_controller.rb

@@ -13,7 +13,7 @@ class SignUpsController < ApplicationController
     if @user.save
       if QuoVadis.accounts_require_confirmation
         request_confirmation @user
-        redirect_to sign_up_path(@user)
+        redirect_to quo_vadis.confirmations_path
       else
         redirect_to articles_path
       end

data/test/dummy/app/views/quo_vadis/confirmations/edit_email.html.erb

@@ -0,0 +1,14 @@
+<h1>Account confirmation: change email</h1>
+
+<p>Please update your email address.</p>
+
+<%= form_with url: update_email_confirmations_path, method: :put do |f| %>
+  <p>
+    <%= f.label :email %>
+    <%= f.text_field :email, value: @email, inputmode: 'email', autocomplete: 'email' %>
+  </p>
+
+  <p>
+    <%= f.submit 'Update my email address and send me a new confirmation email' %>
+  </p>
+<% end %>

data/test/dummy/app/views/quo_vadis/confirmations/index.html.erb

@@ -1,5 +1,14 @@
 <h1>Account confirmation</h1>
 
-<p>Please check your email.</p>
+<% if @account %>
+  <p>We have sent an email to <%= @account.model.email %>.</p>
 
-<p><%= link_to 'Request a new email', new_confirmation_path %></p>
+  <p>Wrong address?  <%= link_to 'Change it', edit_email_confirmations_path %>.</p>
+
+  <p>Didn't receive it?  <%= button_to 'Get another one', resend_confirmations_path %></p>
+
+<% else %>
+  <p>We have sent an email to you.</p>
+
+  <p><%= link_to 'Request a new email', new_confirmation_path %></p>
+<% end %>

data/test/integration/account_confirmation_test.rb

@@ -6,6 +6,10 @@ class AccountConfirmationTest < IntegrationTest
     QuoVadis.accounts_require_confirmation true
   end
 
+  teardown do
+    QuoVadis.accounts_require_confirmation false
+  end
+
 
   test 'new signup requiring confirmation' do
     assert_emails 1 do
@@ -36,8 +40,37 @@ class AccountConfirmationTest < IntegrationTest
   end
 
 
+  test 'new signup updates email' do
+    assert_emails 1 do
+      post sign_ups_path(user: {name: 'Bob', email: 'bob@example.com', password: '123456789abc'})
+    end
+
+    get quo_vadis.edit_email_confirmations_path
+    assert_response :success
+
+    # First email: changed-email notifier sent to original address
+    # Second email: confirmation email sent to new address
+    assert_emails 2 do
+      put quo_vadis.update_email_confirmations_path(email: 'bobby@example.com')
+    end
+    assert_equal ['bobby@example.com'], ActionMailer::Base.deliveries.last.to
+    assert_redirected_to quo_vadis.confirmations_path
+  end
+
+
+  test 'resend confirmation email in same session' do
+    assert_emails 1 do
+      post sign_ups_path(user: {name: 'Bob', email: 'bob@example.com', password: '123456789abc'})
+    end
+
+    assert_emails 1 do
+      post quo_vadis.resend_confirmations_path
+    end
+  end
+
+
   test 'resend confirmation email: valid identifier' do
-    user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
+    User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
 
     get quo_vadis.new_confirmation_path
     assert_response :success
@@ -91,7 +124,7 @@ class AccountConfirmationTest < IntegrationTest
 
 
   test 'accounts requiring confirmation cannot log in' do
-    user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
+    User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
     post quo_vadis.login_path(email: 'bob@example.com', password: '123456789abc')
     assert_redirected_to quo_vadis.new_confirmation_path
     assert_equal 'Please confirm your account first.', flash[:notice]

data/test/integration/logging_test.rb

@@ -43,7 +43,7 @@ class LoggingTest < IntegrationTest
 
 
   test 'login.unknown' do
-    assert_log QuoVadis::Log::LOGIN_UNKNOWN, {}, nil do
+    assert_log QuoVadis::Log::LOGIN_UNKNOWN, {'identifier' => 'wrong'}, nil do
       post quo_vadis.login_path(email: 'wrong', password: 'wrong')
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: quo_vadis
 version: !ruby/object:Gem::Version
-  version: 2.0.1
+  version: 2.0.2
 platform: ruby
 authors:
 - Andy Stewart
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-18 00:00:00.000000000 Z
+date: 2021-05-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -132,6 +132,7 @@ files:
 - test/dummy/app/views/articles/very_secret.html.erb
 - test/dummy/app/views/layouts/application.html.erb
 - test/dummy/app/views/quo_vadis/confirmations/edit.html.erb
+- test/dummy/app/views/quo_vadis/confirmations/edit_email.html.erb
 - test/dummy/app/views/quo_vadis/confirmations/index.html.erb
 - test/dummy/app/views/quo_vadis/confirmations/new.html.erb
 - test/dummy/app/views/quo_vadis/logs/index.html.erb