e3d91f4ba2
If someone joined an account with the same identity as they were signed in with the old logic would skip the user setup step
46 lines
1.4 KiB
Ruby
46 lines
1.4 KiB
Ruby
class JoinCodesController < ApplicationController
|
|
allow_unauthenticated_access
|
|
|
|
before_action :set_join_code
|
|
before_action :ensure_join_code_is_valid
|
|
|
|
layout "public"
|
|
|
|
def new
|
|
end
|
|
|
|
def create
|
|
identity = Identity.find_or_create_by!(email_address: params.expect(:email_address))
|
|
|
|
@join_code.redeem { |account| identity.join(account) } unless identity.member_of?(@join_code.account)
|
|
user = User.active.find_by!(account: @join_code.account, identity: identity)
|
|
|
|
if identity == Current.identity && user.setup?
|
|
redirect_to landing_url(script_name: @join_code.account.slug)
|
|
elsif identity == Current.identity
|
|
redirect_to new_users_join_url(script_name: @join_code.account.slug)
|
|
else
|
|
terminate_session if Current.identity
|
|
|
|
magic_link = identity.send_magic_link
|
|
flash[:magic_link_code] = magic_link&.code if Rails.env.development?
|
|
|
|
session[:return_to_after_authenticating] = new_users_join_url(script_name: @join_code.account.slug)
|
|
redirect_to session_magic_link_url(script_name: nil)
|
|
end
|
|
end
|
|
|
|
private
|
|
def set_join_code
|
|
@join_code ||= Account::JoinCode.find_by(code: params.expect(:code), account: Current.account)
|
|
end
|
|
|
|
def ensure_join_code_is_valid
|
|
if @join_code.nil?
|
|
head :not_found
|
|
elsif !@join_code.active?
|
|
render :inactive, status: :gone
|
|
end
|
|
end
|
|
end
|