34 lines
839 B
Ruby
34 lines
839 B
Ruby
module Maintenance
|
|
module User
|
|
class EmailNotificationsController < ApplicationController
|
|
class VerificationError < Exception ; end
|
|
|
|
before_action :validate_sig, :only => [:destroy]
|
|
rescue_from VerificationError, :with => :render_403
|
|
|
|
def show
|
|
end
|
|
|
|
def destroy
|
|
@user = User.find(params[:user_id])
|
|
@user.receive_email_notifications = false
|
|
@user.save
|
|
end
|
|
|
|
private
|
|
|
|
def render_403
|
|
render plain: "", :status => 403
|
|
end
|
|
|
|
def validate_sig
|
|
verifier = ActiveSupport::MessageVerifier.new(Danbooru.config.email_key, digest: "SHA256", serializer: JSON)
|
|
calculated_sig = verifier.generate(params[:user_id].to_s)
|
|
if calculated_sig != params[:sig]
|
|
raise VerificationError.new
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|