Files
fizzy/app/controllers/users/email_addresses/confirmations_controller.rb
T
2025-11-17 09:12:39 -05:00

29 lines
679 B
Ruby

class Users::EmailAddresses::ConfirmationsController < ApplicationController
disallow_account_scope
allow_unauthenticated_access
before_action :set_membership
rate_limit to: 5, within: 1.hour, only: :create
def show
end
def create
membership = Membership.change_email_address_using_token(token)
terminate_session if Current.session
start_new_session_for membership.reload.identity
redirect_to edit_user_url(script_name: "/#{@membership.tenant}", id: @membership.user)
end
private
def set_membership
@membership = Membership.find(params[:membership_id])
end
def token
params.expect :email_address_token
end
end