spree_auth_devise 4.1.0 → 4.3.3

data/app/views/spree/user_mailer/confirmation_instructions.text.erb

@@ -1,5 +1,8 @@
-Welcome <%= @email %>!
-
-You can confirm your account email through the url below:
-
-<%= @confirmation_url %>
+<%= Spree.t('user_mailer.confirmation_instructions.welcome', email: @email) %>
+<%= Spree.t('user_mailer.confirmation_instructions.instructions_1', { store_name: @current_store.name }) %>
+<%= Spree.t('user_mailer.confirmation_instructions.instructions_2') %>
+<%= Spree.t('user_mailer.confirmation_instructions.button') %>
+<%= @confirmation_url %>
+<%= Spree.t('user_mailer.confirmation_instructions.instructions_3') %>
+<%= Spree.t('user_mailer.confirmation_instructions.thanks') %>
+<%= Spree.t('user_mailer.confirmation_instructions.store_team', { store_name: @current_store.name }) %>

data/app/views/spree/user_mailer/reset_password_instructions.html.erb

@@ -0,0 +1,20 @@
+<h1>
+  <%= Spree.t('user_mailer.reset_password_instructions.welcome', email: @user.email) %>
+</h1>
+<p>
+  <%= Spree.t('user_mailer.reset_password_instructions.instructions_1', { store_name: @current_store.name }) %>
+</p>
+<p>
+  <%= Spree.t('user_mailer.reset_password_instructions.instructions_2') %>
+</p>
+<p class="body-action">
+  <a href="<%= @edit_password_reset_url %>" class="button button--green"><%= Spree.t('user_mailer.reset_password_instructions.button') %></a>
+</p>
+<p>
+  <%= Spree.t('user_mailer.reset_password_instructions.instructions_3') %>
+</p>
+<p>
+  <%= Spree.t('user_mailer.reset_password_instructions.thanks') %>
+  <br />
+  <%= Spree.t('user_mailer.reset_password_instructions.store_team', { store_name: @current_store.name }) %>
+</p>

data/app/views/spree/user_mailer/reset_password_instructions.text.erb

@@ -1,10 +1,12 @@
-A request to reset your password has been made.
-If you did not make this request, simply ignore this email.
+<%= Spree.t('user_mailer.reset_password_instructions.welcome', email: @user.email) %>
 
-If you did make this request just click the link below:
+<%= Spree.t('user_mailer.reset_password_instructions.instructions_1', { store_name: @current_store.name }) %>
+<%= Spree.t('user_mailer.reset_password_instructions.instructions_2') %>
 
+<%= Spree.t('user_mailer.reset_password_instructions.button') %>
 <%= @edit_password_reset_url %>
 
-If the above URL does not work try copying and pasting it into your browser.
-If you continue to have problems please feel free to contact us.
+<%= Spree.t('user_mailer.reset_password_instructions.instructions_3') %>
 
+<%= Spree.t('user_mailer.reset_password_instructions.thanks') %>
+<%= Spree.t('user_mailer.reset_password_instructions.store_team', { store_name: @current_store.name }) %>

data/config/initializers/warden.rb

@@ -3,7 +3,7 @@ Warden::Manager.after_set_user except: :fetch do |user, auth, _opts|
   token = auth.cookies.signed[:guest_token] || auth.cookies.signed[:token]
   token_attr = Spree::Order.has_attribute?(:token) ? :token : :guest_token
 
-  if token.present? && user.is_a?(Spree::User)
+  if token.present? && user.is_a?(Spree.user_class)
     Spree::Order.incomplete.where(token_attr => token, user_id: nil).each do |order|
       order.associate_user!(user)
     end

data/config/locales/de.yml

@@ -1,9 +1,21 @@
 ---
 de:
+  spree:
+    admin_login: Admin Login
+    change_your_password: Kennwort zurücksetzen
+    user_mailer:
+      reset_password_instructions:
+        instructions_1: "Es wurde eine Anfrage zum Zurücksetzen Ihres Passworts gestellt.\nWenn Sie diese Anfrage nicht gestellt haben, ignorieren Sie diese E-Mail.\n\nWenn Sie diese Anfrage gestellt haben, klicken Sie bitte auf den folgenden Link:"
+        instructions_2: "Falls die obige URL nicht funktioniert, bitte URL kopieren und in Ihren Browser einfügen\nWenn Sie weiterhin Probleme haben, können Sie sich gerne an uns wenden."
+      confirmation_instructions:
+        welcome: "Schön, dass Sie hier sind %{email}"
+        confirm: "Sie können Ihre Konto-E-Mail-Adresse über die folgende URL bestätigen:"
   devise:
     confirmations:
       confirmed: Ihr Konto wurde erfolgreich aktiviert.
       send_instructions: 'In ein paar Minuten erhalten Sie eine E-Mail mit Anweisungen, um Ihr Konto zu aktivieren.'
+      spree_user:
+        already_confirmed: Ihre E-Mail wurde bereits bestätigt. Bitte versuchen Sie erneut, sich anzumelden.
     failure:
       inactive: Ihr Konto wurde noch nicht aktiviert.
       invalid: Ungültige E-Mail-Adresse oder Passwort.
@@ -28,16 +40,20 @@ de:
     user_passwords:
       spree_user:
         cannot_be_blank: Ihr Passwort darf nicht leer sein.
+        no_token: Sie können nicht auf diese Seite zugreifen, wenn Sie den Link aus einer E-Mail zum Zurücksetzen des Kennworts nicht verwenden. Wenn Sie den Link aus einer E-Mail zum Zurücksetzen des Passworts verwenden, stellen Sie bitte sicher, dass Sie die vollständige URL verwendet haben.
         send_instructions: In ein paar Minuten erhalten Sie eine E-Mail mit Anweisungen um Ihr Passwort zurücksetzen.
         updated: Ihr Passwort wurde erfolgreich geändert.
     user_registrations:
       destroyed: Ihr Konto wurde erfolgreich gelöscht. Auf Wiedersehen!
       inactive_signed_up: 'Sie haben sich erfolgreich registriert. Wir konnten Sie jedoch nicht anmelden, da Ihr Konto %{reason} ist.'
+      signed_up_but_unconfirmed: Eine Nachricht mit einem Bestätigungslink wurde an Ihre E-Mail-Adresse gesendet. Bitte folgen Sie dem Link, um Ihr Konto zu aktivieren.
       signed_up: Herzlich Willkommen! Sie haben sich erfolgreich registriert.
       updated: Sie haben Ihr Konto erfolgreich aktualisiert.
     user_sessions:
       signed_in: Erfolgreich angemeldet.
       signed_out: Erfolgreich abgemeldet.
+      already_signed_in: Bereits angemeldet.
+      already_signed_out: Bereits abgemeldet.
   errors:
     messages:
       already_confirmed: wurde bereits bestätigt

data/config/locales/en.yml

@@ -3,11 +3,26 @@ en:
   spree:
     admin_login: "Admin Login"
     change_your_password: "Change your password"
-    store_credits:
-      credit_balance: Store Credit Balance
+    user_mailer:
+      reset_password_instructions:
+        welcome: "Hi %{email}"
+        instructions_1: "A request to reset the password for your %{store_name} account has been made."
+        instructions_2: Click the button below to reset it.
+        instructions_3: If you did not request a password change ignore this email or contact us.
+        button: Reset your password
+        thanks: Thank you,
+        store_team: "%{store_name} Team"
+      confirmation_instructions:
+        welcome: "Welcome %{email}!"
+        instructions_1: "Thanks for registering at %{store_name}."
+        instructions_2: "Click the button below to confirm your account:"
+        instructions_3: If you have any questions, feel free to simply reply to this email.
+        button: Confirm email address
+        thanks: Thank you,
+        store_team: "%{store_name} Team"
   devise:
     confirmations:
-      confirmed: Your account was successfully confirmed. You are now signed in.
+      confirmed: Your account was successfully confirmed. You can now log in.
       send_instructions: You will receive an email with instructions about how to confirm your account in a few minutes.
       spree_user:
         already_confirmed: Email was already confirmed, please try signing in.
@@ -26,8 +41,6 @@ en:
         subject: Reset password instructions
       unlock_instructions:
         subject: Unlock Instructions
-      confirmation_instructions:
-        subject: Confirmation instructions
     oauth_callbacks:
       failure: 'Could not authorize you from %{kind} because %{reason}.'
       success: 'Successfully authorized from %{kind} account.'

data/config/locales/zh-TW.yml

@@ -0,0 +1,58 @@
+---
+zh-TW:
+  spree:
+    admin_login: "管理員登入"
+    change_your_password: "更改密碼"
+  devise:
+    confirmations:
+      confirmed: 你的帳號已經確認完成，現在你已經登入網站了。
+      send_instructions: 你會在幾分鐘內收到一封帳號確認信來確認你的帳號。
+      spree_user:
+        already_confirmed: Email 已確認，請登入。
+    failure:
+      inactive: 你的帳號尚未啟用。
+      invalid: 帳號或密碼有誤。
+      invalid_token: 錯誤的認證代碼。
+      locked: 你的帳號已經被停權，請聯絡客服人員。
+      timeout: 你的登入已經逾時，請重新登入。
+      unauthenticated: 你需要登入來繼續。
+      unconfirmed: 你的帳號需要確認來繼續。
+    mailer:
+      confirmation_instructions:
+        subject: 帳號確認教學
+      reset_password_instructions:
+        subject: 重設密碼教學
+      unlock_instructions:
+        subject: 帳號解鎖教學
+    oauth_callbacks:
+      failure: '由於%{reason}，無法透過%{kind}確認你的帳號。'
+      success: '成功的由%{kind}認證你的帳號。'
+    unlocks:
+      send_instructions: 你在幾分鐘後會收到一封 Email 教你如何解鎖帳號。
+      unlocked: 你的帳號已經解鎖，現在你已經登入網站了。
+    user_passwords:
+      spree_user:
+        cannot_be_blank: 密碼不能為空白。
+        no_token: "你只能透過重新設定密碼的 Email 內的連結來訪問此頁面。如果你真的是透過那封 Email 來此頁面，請確定你是透過完整的網址過來的。"
+        send_instructions: 你在幾分鐘後會收到一封 Email 教你如何更改密碼。
+        updated: 你的密碼已經更改成功，你已成功登入。
+    user_registrations:
+      destroyed: 再見！你的帳號已經被取消了，但我們希望能再服務你。
+      inactive_signed_up: '你已經成功註冊，但由於%{reason}的原因，導致帳號無法登入。'
+      signed_up_but_unconfirmed: 確認信件已經寄到您的信箱，請按照上面的教學完成您的註冊。
+      signed_up: 歡迎！你已經成功註冊了。
+      updated: 你的帳號已經成功更新。
+    user_sessions:
+      signed_in: 登入成功
+      signed_out: 登出成功
+      already_signed_in: 已經登入
+      already_signed_out: 已經登入
+  errors:
+    messages:
+      already_confirmed: 已確認
+      email_is_invalid: Email 不能為空值
+      not_found: 找不到
+      not_locked: 沒有被鎖住
+      not_saved:
+        one: '%{resource}由於以下的一個錯誤導致無法被儲存：'
+        other: '%{resource}由於以下的%{count}個錯誤導致無法被儲存：'

data/config/routes.rb

@@ -21,7 +21,7 @@ Spree::Core::Engine.add_routes do
     post '/password/recover' => 'user_passwords#create', :as => :reset_password
     get '/password/change' => 'user_passwords#edit', :as => :edit_password
     put '/password/change' => 'user_passwords#update', :as => :update_password
-    get '/confirm' => 'user_confirmations#show', :as => :confirmation if Spree::Auth::Config[:confirmable]
+    get '/confirm' => 'user_confirmations#show', :as => :confirmation
   end
 
   get '/checkout/registration' => 'checkout#registration', :as => :checkout_registration
@@ -42,6 +42,18 @@ Spree::Core::Engine.add_routes do
       get '/login' => 'user_sessions#new', :as => :login
       post '/login' => 'user_sessions#create', :as => :create_new_session
       get '/logout' => 'user_sessions#destroy', :as => :logout
+      get '/password/recover' => 'user_passwords#new', :as => :recover_password
+      post '/password/recover' => 'user_passwords#create', :as => :reset_password
+    end
+  end
+
+  namespace :api, defaults: { format: 'json' } do
+    namespace :v2 do
+      namespace :storefront do
+        resource :account, controller: :account, only: %i[show create update]
+        resources :account_confirmations, only: %i[show]
+        resources :passwords, controller: :passwords, only: %i[create update]
+      end
     end
   end
 end

data/gemfiles/spree_4_1.gemfile

@@ -3,6 +3,6 @@
 source "https://rubygems.org"
 
 gem "rails-controller-testing"
-gem "spree", github: "spree/spree", branch: "master"
+gem "spree", "~> 4.1"
 
 gemspec path: "../"

data/lib/controllers/api/spree/api/v2/storefront/account_controller_decorator.rb

@@ -0,0 +1,41 @@
+module Spree
+  module Api
+    module V2
+      module Storefront
+        module AccountControllerDecorator
+          def self.prepended(base)
+            base.skip_before_action :require_spree_current_user, only: [:create]
+          end
+
+          def create
+            result = Spree::Account::Create.call(user_params: spree_user_params)
+
+            render_payload(result)
+          end
+
+          def update
+            result = Spree::Account::Update.call(user: spree_current_user, user_params: spree_user_params)
+
+            render_payload(result)
+          end
+
+          private
+
+          def render_payload(result)
+            if result.success?
+              render_serialized_payload { serialize_resource(result.value) }
+            else
+              render_error_payload(result.error)
+            end
+          end
+
+          def spree_user_params
+            params.require(:user).permit(Spree::PermittedAttributes.user_attributes)
+          end
+        end
+      end
+    end
+  end
+end
+
+::Spree::Api::V2::Storefront::AccountController.prepend(Spree::Api::V2::Storefront::AccountControllerDecorator)

data/lib/controllers/backend/spree/admin/user_sessions_controller.rb

@@ -59,4 +59,20 @@ class Spree::Admin::UserSessionsController < Devise::SessionsController
       "spree/layouts/admin"
     end
   end
+
+  def respond_to_on_destroy
+    # We actually need to hardcode this as Rails default responder doesn't
+    # support returning empty response on GET request
+    respond_to do |format|
+      format.all { head :no_content }
+      format.any(*navigational_formats) { redirect_to after_sign_out_redirect(resource_name) }
+    end
+  end
+
+  def after_sign_out_redirect(resource_or_scope)
+    scope = Devise::Mapping.find_scope!(resource_or_scope)
+    router_name = Devise.mappings[scope].router_name
+    context = router_name ? send(router_name) : self
+    context.respond_to?(:admin_login_path) ? context.admin_login_path : "/"
+  end
 end

data/lib/controllers/frontend/spree/checkout_controller_decorator.rb

@@ -6,7 +6,8 @@ module Spree::CheckoutControllerDecorator
   end
 
   def registration
-    @user = Spree.user_class.new
+    @user = Spree.user_class.new 
+    @title = Spree.t(:registration)
   end
 
   def update_registration

data/lib/spree/auth/engine.rb

@@ -12,7 +12,7 @@ module Spree
       end
 
       initializer "spree_auth_devise.set_user_class", after: :load_config_initializers do
-        Spree.user_class = "Spree::User"
+        Spree.user_class = 'Spree::User' if Spree.user_class.blank? || Spree.user_class.to_s == 'Spree::LegacyUser'
       end
 
       initializer "spree_auth_devise.check_secret_token" do
@@ -29,20 +29,17 @@ module Spree
           Rails.configuration.cache_classes ? require(c) : load(c)
         end
         if Spree::Auth::Engine.backend_available?
-          Rails.application.config.assets.precompile += [
-            'lib/assets/javascripts/spree/backend/spree_auth.js',
-            'lib/assets/javascripts/spree/backend/spree_auth.css'
-          ]
           Dir.glob(File.join(File.dirname(__FILE__), "../../controllers/backend/*/*/*_decorator*.rb")) do |c|
             Rails.configuration.cache_classes ? require(c) : load(c)
           end
         end
         if Spree::Auth::Engine.frontend_available?
-          Rails.application.config.assets.precompile += [
-            'lib/assets/javascripts/spree/frontend/spree_auth.js',
-            'lib/assets/javascripts/spree/frontend/spree_auth.css'
-          ]
-          Dir.glob(File.join(File.dirname(__FILE__), "../../controllers/frontend/*/*_decorator*.rb")) do |c|
+          Dir.glob(File.join(File.dirname(__FILE__), "../../controllers/frontend/**/*_decorator*.rb")) do |c|
+            Rails.configuration.cache_classes ? require(c) : load(c)
+          end
+        end
+        if Spree::Auth::Engine.api_available?
+          Dir.glob(File.join(File.dirname(__FILE__), "../../controllers/api/**/*_decorator*.rb")) do |c|
             Rails.configuration.cache_classes ? require(c) : load(c)
           end
         end
@@ -61,6 +58,10 @@ module Spree
         @@frontend_available ||= ::Rails::Engine.subclasses.map(&:instance).map{ |e| e.class.to_s }.include?('Spree::Frontend::Engine')
       end
 
+      def self.api_available?
+        @@api_available ||= ::Rails::Engine.subclasses.map(&:instance).map{ |e| e.class.to_s }.include?('Spree::Api::Engine')
+      end
+
       if backend_available?
         paths["app/controllers"] << "lib/controllers/backend"
         paths["app/views"] << "lib/views/backend"
@@ -71,6 +72,10 @@ module Spree
         paths["app/views"] << "lib/views/frontend"
       end
 
+      if api_available?
+        paths["app/controllers"] << "lib/controllers/api"
+      end
+
       config.to_prepare &method(:activate).to_proc
     end
   end

data/lib/spree/auth/version.rb

@@ -0,0 +1,9 @@
+module Spree
+  module Auth
+    VERSION = '4.3.3'.freeze
+
+    def gem_version
+      Gem::Version.new(VERSION)
+    end
+  end
+end

data/lib/spree_auth_devise.rb

@@ -1,5 +1,4 @@
 require 'spree_core'
 require 'spree/auth/devise'
 require 'spree/authentication_helpers'
-require 'deface'
 require 'spree_extension'

data/lib/views/backend/spree/admin/user_sessions/new.html.erb

@@ -24,7 +24,7 @@
             <% end %>  
           </div>
           <div class="col-lg-6 text-right">
-            <%= link_to Spree.t(:forgot_password), spree.recover_password_path %>
+            <%= link_to Spree.t(:forgot_password), spree.admin_recover_password_path %>
           </div>  
         </div>      
       </div>

data/spec/controllers/spree/api/v2/storefront/passwords_controller_spec.rb

@@ -0,0 +1,63 @@
+RSpec.describe Spree::Api::V2::Storefront::PasswordsController, type: :controller do
+  let(:user) { create(:user) }
+  let(:password) { 'new_password' }
+  let(:store) { create(:store) }
+
+  describe 'POST create' do
+    before { post :create, params: params }
+
+    context 'when the user email has not been specified' do
+      let(:params) { { user: { email: '' } } }
+      it 'responds with not found status' do
+        expect(response.code).to eq('404')
+      end
+    end
+
+    context 'when the user email not found' do
+      let(:params) { { user: { email: 'dummy_email@example.com' } } }
+      it 'responds with not found status' do
+        expect(response.code).to eq('404')
+      end
+    end
+
+    context 'when the user email has been specified' do
+      let(:params) { { user: { email: user.email } } }
+      it_behaves_like 'returns 200 HTTP status'
+    end
+  end
+
+  describe 'PATCH update' do
+    before { patch :update, params: params }
+
+    context 'when updating password with blank password' do
+      let(:params) {
+        {
+          id: user.send_reset_password_instructions(Spree::Store.current),
+          user: {
+            password: '',
+            password_confirmation: ''
+          }
+        }
+      }
+
+      it 'responds with error' do
+        expect(response.code).to eq('422')
+        expect(JSON.parse(response.body)['error']).to eq("Password can't be blank")
+      end
+    end
+
+    context 'when updating password with specified password' do
+      let(:params) {
+        {
+          id: user.send_reset_password_instructions(Spree::Store.current),
+          user: {
+            password: password,
+            password_confirmation: password
+          }
+        }
+      }
+
+      it_behaves_like 'returns 200 HTTP status'
+    end
+  end
+end