jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

emails: send verification mail when user changes address.

Browse Source
This commit is contained in:
evazion
2020-03-14 18:32:00 -05:00
parent 167fe51a8a
commit d860fab7f5
7 changed files with 61 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
app/controllers/emails_controller.rb
View File

@@ -21,6 +21,7 @@ class EmailsController < ApplicationController
if @user.errors.none? if @user.errors.none?
flash[:notice] = "Email updated" flash[:notice] = "Email updated"
UserMailer.email_change_confirmation(@user).deliver_later
respond_with(@user, location: settings_url) respond_with(@user, location: settings_url)
else else
flash[:notice] = @user.errors.full_messages.join("; ") flash[:notice] = @user.errors.full_messages.join("; ")
@@ -28,6 +29,15 @@ class EmailsController < ApplicationController
end end
end end
def verify
email_id = Danbooru::MessageVerifier.new(:email_verification_key).verify(params[:email_verification_key])
@email_address = EmailAddress.find(email_id)
@email_address.update!(is_verified: true)
flash[:notice] = "Email address verified"
redirect_to @email_address.user
end
private private
def check_privilege(user) def check_privilege(user)

5
app/mailers/user_mailer.rb
View File

@@ -11,4 +11,9 @@ class UserMailer < ApplicationMailer
@user = user @user = user
mail to: @user.email_with_name, subject: "#{Danbooru.config.app_name} password reset request" mail to: @user.email_with_name, subject: "#{Danbooru.config.app_name} password reset request"
end end
def email_change_confirmation(user)
@user = user
mail to: @user.email_with_name, subject: "Confirm your email address"
end
end end

20
app/views/user_mailer/email_change_confirmation.html.erb Normal file
View File

@@ -0,0 +1,20 @@
<!doctype html>
<html>
<body>
<h2>Hi <%= @user.name %>,</h2>
<p>
You recently changed your email address on <%= Danbooru.config.app_name %>.
Click the link below to verify your new email address.
</p>
<p>
<%= link_to "Verify email address", verify_user_email_url(@user, email_verification_key: Danbooru::MessageVerifier.new(:email_verification_key).generate(@user.email_address.id)) %>
</p>
<p>
If you did not recently change your email address on <%= Danbooru.config.app_name %>,
you may delete and ignore this email.
</p>
</body>
</html>

3
app/views/users/edit.html.erb
View File

@@ -27,6 +27,9 @@
<p> <p>
<% if @user.email_address.present? %> <% if @user.email_address.present? %>
<%= @user.email_address.address %> <%= @user.email_address.address %>
<% if !@user.email_address.is_verified %>
<em>(unverified)</em>
<% end %>
<% else %> <% else %>
<em>blank</em> <em>blank</em>
<% end %> <% end %>

4
config/routes.rb
View File

@@ -245,7 +245,9 @@ Rails.application.routes.draw do
end end
resources :users do resources :users do
resources :favorite_groups, controller: "favorite_groups", only: [:index], as: "favorite_groups" resources :favorite_groups, controller: "favorite_groups", only: [:index], as: "favorite_groups"
resource :email, only: [:edit, :update] resource :email, only: [:edit, :update] do
get :verify
end
resource :password, only: [:edit, :update] resource :password, only: [:edit, :update]
resource :api_key, :only => [:show, :view, :update, :destroy], :controller => "maintenance/user/api_keys" do resource :api_key, :only => [:show, :view, :update, :destroy], :controller => "maintenance/user/api_keys" do
post :view post :view

16
test/functional/emails_controller_test.rb
View File

@@ -3,7 +3,7 @@ require "test_helper"
class EmailsControllerTest < ActionDispatch::IntegrationTest class EmailsControllerTest < ActionDispatch::IntegrationTest
context "in all cases" do context "in all cases" do
setup do setup do
@user = create(:user, email_address: build(:email_address, { address: "bob@ogres.net" })) @user = create(:user, email_address: build(:email_address, { address: "bob@ogres.net", is_verified: false }))
end end
context "#edit" do context "#edit" do
@@ -20,6 +20,7 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
assert_redirected_to(settings_path) assert_redirected_to(settings_path)
assert_equal("abc@ogres.net", @user.reload.email_address.address) assert_equal("abc@ogres.net", @user.reload.email_address.address)
assert_enqueued_email_with UserMailer, :email_change_confirmation, args: [@user]
end end
end end
@@ -29,6 +30,19 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
assert_response :success assert_response :success
assert_equal("bob@ogres.net", @user.reload.email_address.address) assert_equal("bob@ogres.net", @user.reload.email_address.address)
assert_no_emails
end
end
end
context "#verify" do
context "with a correct verification key" do
should "mark the email address as verified" do
assert_equal(false, @user.reload.email_address.is_verified)
get_auth verify_user_email_path(@user), @user, params: { email_verification_key: Danbooru::MessageVerifier.new(:email_verification_key).generate(@user.email_address.id) }
assert_redirected_to @user
assert_equal(true, @user.reload.email_address.is_verified)
end end
end end
end end

5
test/mailers/previews/user_mailer_preview.rb
View File

@@ -8,4 +8,9 @@ class UserMailerPreview < ActionMailer::Preview
user = User.find(params[:id]) user = User.find(params[:id])
UserMailer.password_reset(user) UserMailer.password_reset(user)
end end
def email_change_confirmation
user = User.find(params[:id])
UserMailer.email_change_confirmation(user)
end
end end