login: remove login reminder page.

Remove the login reminder page. The meaning of "login reminder" wasn't clear (it's for recovering a forgotten username) and the functionality was redundant. The password reset page can already be used to recover forgotten usernames. There was also a privacy leak, since the login reminder page could be used to find out whether a given email is in use on Danbooru.
2019-12-14 16:19:01 -06:00
parent 872bd28d42
commit efd1327f1e
8 changed files with 1 additions and 112 deletions
--- a/app/controllers/maintenance/user/login_reminders_controller.rb
+++ b/app/controllers/maintenance/user/login_reminders_controller.rb
@@ -1,20 +0,0 @@
 module Maintenance
  module User
    class LoginRemindersController < ApplicationController
      def new
      end
      def create
        @user = ::User.with_email(params[:user][:email]).first
        if @user
          LoginReminderMailer.notice(@user).deliver_now
          flash[:notice] = "Email sent"
        else
          flash[:notice] = "Email address not found"
        end
        redirect_to new_maintenance_user_login_reminder_path
      end
    end
  end
 end
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -255,7 +255,7 @@ module ApplicationHelper
 protected
  def nav_link_match(controller, url)
    url =~ case controller
-    when "sessions", "users", "maintenance/user/login_reminders", "maintenance/user/password_resets", "admin/users"
+    when "sessions", "users", "maintenance/user/password_resets", "admin/users"
      /^\/(session|users)/
    when "forum_posts"
--- a/app/mailers/maintenance/user/login_reminder_mailer.rb
+++ b/app/mailers/maintenance/user/login_reminder_mailer.rb
@@ -1,12 +0,0 @@
 module Maintenance
  module User
    class LoginReminderMailer < ActionMailer::Base
      def notice(user)
        @user = user
        if user.email.present?
          mail(:to => user.email, :subject => "#{Danbooru.config.app_name} login reminder", :from => Danbooru.config.contact_email)
        end
      end
    end
  end
 end
--- a/app/views/maintenance/user/login_reminder_mailer/notice.html.erb
+++ b/app/views/maintenance/user/login_reminder_mailer/notice.html.erb
@@ -1 +0,0 @@
 <p>Your username is <%= @user.name %>.</p>
--- a/app/views/maintenance/user/login_reminders/new.html.erb
+++ b/app/views/maintenance/user/login_reminders/new.html.erb
@@ -1,24 +0,0 @@
 <div id="c-maintenance-user-login-reminders">
  <div id="a-new" class="fixed-width-container">
    <h1>Login Reminder</h1>
    <p>If you supplied an email address when signing up, <%= Danbooru.config.app_name %> can email you your login information. Password details will not be provided and will not be changed.</p>
    <p>If you didn't supply a valid email address, you are out of luck.</p>
    <%= form_tag(maintenance_user_login_reminder_path, :class => "simple_form") do %>
      <div class="input email required">
        <label for="user_email" class="required">Email</label>
        <%= email_field(:user, :email) %>
      </div>
      <%= submit_tag "Submit" %>
    <% end %>
  </div>
 </div>
 <%= render "sessions/secondary_links" %>
 <% content_for(:page_title) do %>
  Login Reminder - <%= Danbooru.config.app_name %>
 <% end %>
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -59,7 +59,6 @@ Rails.application.routes.draw do
      resource :count_fixes, only: [:new, :create]
      resource :email_notification, :only => [:show, :destroy]
      resource :password_reset, :only => [:new, :create, :edit, :update]
      resource :login_reminder, :only => [:new, :create]
      resource :deletion, :only => [:show, :destroy]
      resource :email_change, :only => [:new, :create]
      resource :dmail_filter, :only => [:edit, :update]
--- a/test/functional/maintenance/user/login_reminders_controller_test.rb
+++ b/test/functional/maintenance/user/login_reminders_controller_test.rb
@@ -1,35 +0,0 @@
 require "test_helper"
 module Maintenance
  module User
    class LoginRemindersControllerTest < ActionDispatch::IntegrationTest
      context "A login reminder controller" do
        setup do
          @user = create(:user)
          @blank_email_user = create(:user, :email => "")
          ActionMailer::Base.delivery_method = :test
          ActionMailer::Base.deliveries.clear
        end
        should "render the new page" do
          get new_maintenance_user_login_reminder_path
          assert_response :success
        end
        should "deliver an email with the login to the user" do
          post maintenance_user_login_reminder_path, params: {:user => {:email => @user.email}}
          assert_equal(1, ActionMailer::Base.deliveries.size)
        end
        context "for a user with a blank email" do
          should "fail" do
            post maintenance_user_login_reminder_path, params: {:user => {:email => ""}}
            @blank_email_user.reload
            assert_equal(@blank_email_user.created_at.to_i, @blank_email_user.updated_at.to_i)
            assert_equal(0, ActionMailer::Base.deliveries.size)
          end
        end
      end
    end
  end
 end
--- a/test/unit/maintenance/user/login_reminder_mailer_test.rb
+++ b/test/unit/maintenance/user/login_reminder_mailer_test.rb
@@ -1,18 +0,0 @@
 require "test_helper"
 module Maintenance
  module User
    class LoginReminderMailerTest < ActionMailer::TestCase
      context "The login reminder mailer" do
        setup do
          @user = FactoryBot.create(:user)
        end
        should "send the notice" do
          LoginReminderMailer.notice(@user).deliver_now
          assert !ActionMailer::Base.deliveries.empty?
        end
      end
    end
  end
 end