class JoinCodesController < ApplicationController allow_unauthenticated_access before_action :set_join_code before_action :ensure_join_code_is_valid layout "public" def new end def create identity = Identity.find_or_create_by!(email_address: params.expect(:email_address)) @join_code.redeem_if { |account| identity.join(account) } user = User.active.find_by!(account: @join_code.account, identity: identity) if identity == Current.identity && user.setup? redirect_to landing_url(script_name: @join_code.account.slug) elsif identity == Current.identity redirect_to new_users_verification_url(script_name: @join_code.account.slug) else terminate_session if Current.identity redirect_to_session_magic_link \ identity.send_magic_link, return_to: new_users_verification_url(script_name: @join_code.account.slug) end end private def set_join_code @join_code ||= Account::JoinCode.find_by(code: params.expect(:code), account: Current.account) end def ensure_join_code_is_valid if @join_code.nil? head :not_found elsif !@join_code.active? render :inactive, status: :gone end end end