# Controller for the confirmation flows shown in this listing: consuming :new_user and
# :new_email tokens from the confirm_string parameter and re-sending sign-up mail.
# The gutter numbers skip source lines, so parts of the class are not visible here.
1 class ConfirmationsController < ApplicationController
# Filters declared for every action; the filter methods are defined outside this listing.
7 before_action :authorize_web
8 before_action :set_locale
9 before_action :check_database_readable
# Authorization is declared without binding it to a model class (:class => false).
11 authorize_resource :class => false
# The writable-database check covers only confirm and confirm_email,
# and the cookie check covers only confirm.
13 before_action :check_database_writable, :only => [:confirm, :confirm_email]
14 before_action :require_cookies, :only => [:confirm]
# Listing fragment (source lines 18-48): the enclosing def and several branch
# keywords are not shown, so the exact nesting of these statements is not visible.
# The confirmation token is taken directly from the request.
18 token = params[:confirm_string]
# Two lookups: the :new_user purpose token first, then an unexpired UserToken row.
20 user = User.find_by_token_for(:new_user, token) ||
21 UserToken.unexpired.find_by(:token => token)&.user
24 flash[:error] = t(".unknown token")
25 redirect_to :action => "confirm"
27 flash[:error] = t(".already active")
28 redirect_to login_path
30 render_unknown_user user.display_name
33 user.email_valid = true
34 flash[:notice] = gravatar_status_message(user) if gravatar_enable(user)
# The caller-supplied referer reaches redirect_to only after passing through safe_referer.
# NOTE(review): safe_referer is defined elsewhere; confirm it rejects off-site targets.
36 referer = safe_referer(params[:referer]) if params[:referer]
# Removes the UserToken row for this token, so that row cannot be matched again.
# NOTE(review): how a :new_user token stops being valid after use is not visible
# here; confirm it in the User model's token definition.
37 UserToken.delete_by(:token => token)
# The pending-user marker is removed from the session as it is read.
39 pending_user = session.delete(:pending_user)
# The session is bound to the account only when this browser session holds the same
# pending user id. The flash and login redirect further down look like the
# non-matching branch (the `else` line is not shown).
41 if user.id == pending_user
# NOTE(review): no session reset is visible before these assignments; confirm the
# session id is rotated at login so a pre-set session id cannot be reused.
42 session[:user] = user.id
43 session[:fingerprint] = user.fingerprint
45 redirect_to referer || welcome_path
47 flash[:notice] = t(".success")
48 redirect_to login_path(:referer => referer)
# Listing fragment (source lines 52-54); the surrounding lines are not shown.
# Looks the account up among User.visible by the display_name request parameter.
52 user = User.visible.find_by(:display_name => params[:display_name])
# Unknown and already-active accounts get the same redirect to the root page.
54 redirect_to root_path if user.nil? || user.active?
# Listing fragment (source lines 59-68); the enclosing def and branch keywords are not shown.
59 user = User.visible.find_by(:display_name => params[:display_name])
# Fails unless the account exists and its id equals the pending_user id stored in this
# session. The mail and success flash below are presumably the other branch
# (the `else` line is not shown).
61 if user.nil? || user.id != session[:pending_user]
# The failure message interpolates the raw display_name parameter.
# NOTE(review): confirm the ".failure" translation is rendered escaped in the view.
62 flash[:error] = t ".failure", :name => params[:display_name]
# Queues a sign-up confirmation mail carrying a newly generated :new_user token.
64 UserMailer.signup_confirm(user, user.generate_token_for(:new_user)).deliver_later
# The success flash passes the account's email address and the configured sender to a partial.
65 flash[:notice] = { :partial => "confirmations/resend_success_flash", :locals => { :email => user.email, :sender => Settings.email_from } }
68 redirect_to login_path
# Listing fragment (source lines 73-101); the enclosing def and several branch
# keywords are not shown, so the exact nesting of these statements is not visible.
73 token = params[:confirm_string]
# Whoever presents a valid :new_email token, or an unexpired UserToken, becomes
# current_user for this request. The fallback lookup re-reads params[:confirm_string]
# instead of the local `token`; the value is the same.
75 self.current_user = User.find_by_token_for(:new_email, token) ||
76 UserToken.unexpired.find_by(:token => params[:confirm_string])&.user
78 if current_user&.new_email?
# Promote the pending address to the confirmed one and clear the pending field.
79 current_user.email = current_user.new_email
80 current_user.new_email = nil
81 current_user.email_valid = true
82 gravatar_enabled = gravatar_enable(current_user)
84 flash[:notice] = if gravatar_enabled
85 "#{t('.success')} #{gravatar_status_message(current_user)}"
# NOTE(review): this line uses flash[:errors]; the other failure paths in this
# fragment use flash[:error]. Confirm the view reads both keys.
90 flash[:errors] = current_user.errors
# All of the user's tokens are deleted and the session is then bound to the token
# holder, so a valid email-change link also signs its bearer in as that account.
# NOTE(review): the condition guarding these lines is not visible; confirm when they
# run and that the session id is rotated before session[:user] is set.
92 current_user.tokens.delete_all
93 session[:user] = current_user.id
94 session[:fingerprint] = current_user.fingerprint
96 flash[:error] = t ".failure"
# NOTE(review): the key here is ".unknown_token", while the sign-up confirmation lines
# use ".unknown token" (with a space); confirm both keys exist in the locale files.
98 flash[:error] = t ".unknown_token"
101 redirect_to edit_account_path
108 # check whether this user has a gravatar and set the user pref to match
# Asks Gravatar whether an image exists for the user's email address, assigns the
# answer to user.image_use_gravatar, and ends on an expression that is true only when
# that setting changed. No save call is visible in this method.
# Source lines 112-113 and 118-121 are not shown in this listing.
109 def gravatar_enable(user)
110 # code from example https://en.gravatar.com/site/implement/images/ruby/
# Accounts with an uploaded avatar are skipped without contacting Gravatar.
111 return false if user.avatar.attached?
# MD5 is used here as Gravatar's lookup-key format, not as a security control. The
# digest is derived from the email address and sent to a third party; hashing does
# not anonymise the address, since a known address can simply be hashed and compared.
# NOTE(review): only downcase is applied; Gravatar's documented scheme also trims
# surrounding whitespace before hashing.
114 hash = Digest::MD5.hexdigest(user.email.downcase)
115 url = "https://www.gravatar.com/avatar/#{hash}?d=404" # without d=404 we will always get an image back
# Outbound HTTPS request made while the confirmation request is being handled.
# NOTE(review): the lines after `available = response.success?` are not shown; confirm
# that errors and timeouts from this call are handled there.
116 response = OSM.http_client.get(URI.parse(url))
117 available = response.success?
122 oldsetting = user.image_use_gravatar
123 user.image_use_gravatar = available
# True only when the stored preference differs from its previous value.
124 oldsetting != user.image_use_gravatar
128 # display a message about the current status of the gravatar setting
129 def gravatar_status_message(user)
130 if user.image_use_gravatar
131 t "profiles.edit.gravatar.enabled"
133 t "profiles.edit.gravatar.disabled"