56 lines
1.5 KiB
Ruby
56 lines
1.5 KiB
Ruby
class JoinCodesController < ApplicationController
|
|
allow_unauthenticated_access
|
|
rate_limit to: 10, within: 3.minutes, only: :create, with: -> { head :too_many_requests }
|
|
|
|
before_action :set_join_code
|
|
before_action :ensure_join_code_is_valid
|
|
before_action :set_identity, only: :create
|
|
|
|
layout "public"
|
|
|
|
def new
|
|
end
|
|
|
|
def create
|
|
@join_code.redeem_if { |account| @identity.join(account) }
|
|
user = User.active.find_by!(account: @join_code.account, identity: @identity)
|
|
|
|
if @identity == Current.identity && user.setup?
|
|
redirect_to landing_url(script_name: @join_code.account.slug)
|
|
elsif @identity == Current.identity
|
|
redirect_to new_users_verification_url(script_name: @join_code.account.slug)
|
|
else
|
|
terminate_session if Current.identity
|
|
|
|
redirect_to_session_magic_link \
|
|
@identity.send_magic_link,
|
|
return_to: new_users_verification_url(script_name: @join_code.account.slug)
|
|
end
|
|
end
|
|
|
|
private
|
|
def set_identity
|
|
@identity = Identity.find_or_initialize_by(email_address: params.expect(:email_address))
|
|
|
|
if @identity.new_record?
|
|
if @identity.invalid?
|
|
head :unprocessable_entity
|
|
else
|
|
@identity.save!
|
|
end
|
|
end
|
|
end
|
|
|
|
def set_join_code
|
|
@join_code ||= Account::JoinCode.find_by(code: params.expect(:code), account: Current.account)
|
|
end
|
|
|
|
def ensure_join_code_is_valid
|
|
if @join_code.nil?
|
|
head :not_found
|
|
elsif !@join_code.active?
|
|
render :inactive, status: :gone
|
|
end
|
|
end
|
|
end
|