Add JSON API support for email address changes (#2807)
This commit is contained in:
@@ -12,9 +12,15 @@ class Users::EmailAddresses::ConfirmationsController < ApplicationController
|
||||
terminate_session if Current.session
|
||||
start_new_session_for @user.identity
|
||||
|
||||
redirect_to edit_user_url(script_name: @user.account.slug, id: @user)
|
||||
respond_to do |format|
|
||||
format.html { redirect_to edit_user_url(script_name: @user.account.slug, id: @user) }
|
||||
format.json { head :no_content }
|
||||
end
|
||||
else
|
||||
render :invalid_token, status: :unprocessable_entity
|
||||
respond_to do |format|
|
||||
format.html { render :invalid_token, status: :unprocessable_entity }
|
||||
format.json { render json: { error: "Token is invalid or has expired" }, status: :unprocessable_entity }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
@@ -1,18 +1,17 @@
|
||||
class Users::EmailAddressesController < ApplicationController
|
||||
before_action :set_user
|
||||
before_action :ensure_valid_email_address, only: :create
|
||||
rate_limit to: 5, within: 1.hour, only: :create
|
||||
|
||||
def new
|
||||
end
|
||||
|
||||
def create
|
||||
identity = Identity.find_by_email_address(new_email_address)
|
||||
@user.send_email_address_change_confirmation(new_email_address)
|
||||
|
||||
if identity&.users&.exists?(account: @user.account)
|
||||
flash[:alert] = "You already have a user in this account with that email address"
|
||||
redirect_to new_user_email_address_path(@user)
|
||||
else
|
||||
@user.send_email_address_change_confirmation(new_email_address)
|
||||
respond_to do |format|
|
||||
format.html
|
||||
format.json { head :created }
|
||||
end
|
||||
end
|
||||
|
||||
@@ -21,6 +20,25 @@ class Users::EmailAddressesController < ApplicationController
|
||||
@user = Current.identity.users.find(params[:user_id])
|
||||
end
|
||||
|
||||
def ensure_valid_email_address
|
||||
if !new_email_address.match?(URI::MailTo::EMAIL_REGEXP)
|
||||
error = "Please enter a valid email address"
|
||||
elsif (identity = Identity.find_by_email_address(new_email_address))
|
||||
if identity == @user.identity
|
||||
error = "That is already your email address"
|
||||
elsif identity.users.exists?(account: @user.account)
|
||||
error = "You already have a user in this account with that email address"
|
||||
end
|
||||
end
|
||||
|
||||
if error
|
||||
respond_to do |format|
|
||||
format.html { redirect_to new_user_email_address_path(@user), alert: error }
|
||||
format.json { render json: { error: error }, status: :unprocessable_entity }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def new_email_address
|
||||
params.expect :email_address
|
||||
end
|
||||
|
||||
Reference in New Issue
Block a user