# Controller for confirming new accounts and e-mail address changes by token.
# NOTE(review): this listing is incomplete - the gutter numbers skip, so
# `def`/`else`/`end` lines and some statements are not shown here.
1 class ConfirmationsController < ApplicationController
# These three filters run before every action of the controller.
6 before_action :authorize_web
7 before_action :set_locale
8 before_action :check_database_readable
# Authorization is declared without a backing model class (:class => false).
10 authorize_resource :class => false
# Only :confirm and :confirm_email are gated on a writable database.
# NOTE(review): line 68 also writes (user.tokens.create); confirm whether the
# action containing it should be listed here as well.
12 before_action :check_database_writable, :only => [:confirm, :confirm_email]
# Cookies are required for :confirm only.
# NOTE(review): lines 94-95 also write session[:user] in the e-mail
# confirmation code - confirm that action does not need this filter too.
13 before_action :require_cookies, :only => [:confirm]
# Account confirmation by token. The enclosing `def` and several statements
# are missing from this listing (the gutter numbers skip), so these comments
# describe the visible lines only.
#
# The token value is taken from the request and looked up as an exact match.
17 token = UserToken.find_by(:token => params[:confirm_string])
# The token's user is already active: report it and send the browser to login.
18 if token&.user&.active?
19 flash[:error] = t("confirmations.confirm.already active")
20 redirect_to login_path
# Unknown and expired tokens share one branch and one message, so the response
# does not tell the caller which of the two applied.
21 elsif !token || token.expired?
22 flash[:error] = t("confirmations.confirm.unknown token")
23 redirect_to :action => "confirm"
# The token exists but its user is not visible.
24 elsif !token.user.visible?
25 render_unknown_user token.user.display_name
# Remaining case: activate the account and mark the address as verified.
# `user` is assigned on a line that is not shown - presumably token.user;
# verify against the full file.
28 user.status = "active"
29 user.email_valid = true
# gravatar_enable returns true only when the gravatar setting changed, so the
# notice is set only in that case.
30 flash[:notice] = gravatar_status_message(user) if gravatar_enable(user)
# The referer stored on the token goes through safe_referer before it is used
# as a redirect target on lines 44 and 51; `referer` stays nil when the token
# has none.
# NOTE(review): safe_referer is defined elsewhere - confirm it rejects
# off-site URLs if the stored referer can originate from request input.
32 referer = safe_referer(token.referer) if token.referer
# A second token is read from the session and then removed from it. The
# condition around these two lines is not shown.
36 token = UserToken.find_by(:token => session[:token])
37 session.delete(:token)
# No session token, or one that belongs to a different user: the account is
# confirmed but the browser is not logged in; it is sent to the login page.
42 if token.nil? || token.user != user
43 flash[:notice] = t("confirmations.confirm.success")
44 redirect_to login_path(:referer => referer)
# Otherwise (the `else` line is not shown) the session is bound to the user
# without a password prompt. This auto-login is therefore limited to a browser
# whose session already holds a token for the same user.
# NOTE(review): no session reset is visible before session[:user] is set;
# check in the full file whether the session id is rotated at this point.
48 session[:user] = user.id
49 session[:fingerprint] = user.fingerprint
51 redirect_to referer || welcome_path
# Looks up a visible user by the display name given in the request. The branch
# these lines belong to is not shown in this listing.
55 user = User.visible.find_by(:display_name => params[:display_name])
# Unknown names and already-active users get the same redirect to the root
# page, so this response does not distinguish the two cases.
57 redirect_to root_path if user.nil? || user.active?
# Re-sends the signup confirmation mail. The enclosing `def`, the `else` and
# the `end` lines are not shown in this listing.
#
# The user is named by the request; the token is taken from the session.
62 user = User.visible.find_by(:display_name => params[:display_name])
63 token = UserToken.find_by(:token => session[:token])
# A mail is sent only when the session token belongs to the named user, so a
# request that names some other account falls into the failure branch and
# neither triggers a mail nor sees that account's address.
65 if user.nil? || token.nil? || token.user != user
# The failure message interpolates the name exactly as submitted.
# NOTE(review): confirm the flash is HTML-escaped where it is rendered.
66 flash[:error] = t "confirmations.confirm_resend.failure", :name => params[:display_name]
# Success path (the `else` line is not shown): a fresh token is created and the
# mail is queued with deliver_later.
68 UserMailer.signup_confirm(user, user.tokens.create).deliver_later
# NOTE(review): the key ends in _html, so this notice is presumably rendered as
# HTML - confirm that user.email is escaped when it is interpolated.
69 flash[:notice] = t "confirmations.confirm_resend.success_html", :email => user.email, :sender => Settings.email_from
72 redirect_to login_path
# Confirmation of a changed e-mail address. The enclosing `def`, the save call
# and the `else`/`elsif`/`end` lines are not shown in this listing.
#
# The token value is taken from the request and looked up as an exact match.
77 token = UserToken.find_by(:token => params[:confirm_string])
# Proceed only when the token's user has a pending new address.
# NOTE(review): unlike the account confirmation code (line 21), no
# token.expired? check is visible on this path; the conditions on the
# omitted lines 97 and 100 should be checked in the full file.
78 if token&.user&.new_email?
# The token alone selects the current user here; the visible lines do not
# compare it with anything held in the session.
79 self.current_user = token.user
# Promote the pending address, clear the pending field and mark it verified.
80 current_user.email = current_user.new_email
81 current_user.new_email = nil
82 current_user.email_valid = true
# True only when the gravatar setting changed for the new address.
83 gravatar_enabled = gravatar_enable(current_user)
# The notice gets the gravatar status appended only when the setting changed.
# The `else` (line 87) and the condition this assignment sits under are not shown.
85 flash[:notice] = if gravatar_enabled
86 "#{t('confirmations.confirm_email.success')} #{gravatar_status_message(current_user)}"
88 t("confirmations.confirm_email.success")
# Model errors are passed on in the flash - presumably when the save on an
# omitted line fails; verify against the full file.
91 flash[:errors] = current_user.errors
# All of the user's tokens are deleted, so none of them can be used again.
93 current_user.tokens.delete_all
# The session is bound to the user, i.e. following the link also logs in.
94 session[:user] = current_user.id
95 session[:fingerprint] = current_user.fingerprint
96 redirect_to :controller => :users, :action => :account, :display_name => current_user.display_name
# Failure branch: token.user is dereferenced, so the omitted condition on
# line 97 presumably ensures that a token was found.
98 flash[:error] = t "confirmations.confirm_email.failure"
99 redirect_to :controller => :users, :action => :account, :display_name => token.user.display_name
# Last branch: the token is reported as unknown.
101 flash[:error] = t "confirmations.confirm_email.unknown_token"
109 # check if this user has a gravatar and set the user pref if true
# Updates user.image_use_gravatar from a live lookup at gravatar.com and
# returns true when the setting changed. No save is visible here, so the
# caller appears to be responsible for persisting the user. Lines 113-114 and
# 119-122 are not shown in this listing.
110 def gravatar_enable(user)
111 # code from example https://en.gravatar.com/site/implement/images/ruby/
# A locally attached avatar takes precedence: no lookup, setting left untouched.
112 return false if user.avatar.attached?
# MD5 is used here as Gravatar's lookup key, not as a security control. The
# address is lower-cased but not stripped of whitespace - presumably it is
# normalised elsewhere; TODO confirm.
115 hash = Digest::MD5.hexdigest(user.email.downcase)
116 url = "https://www.gravatar.com/avatar/#{hash}?d=404" # without d=404 we will always get an image back
# This is an outbound request to a third party that carries the hash of the
# user's address.
# NOTE(review): timeout and error handling are not visible in this listing
# (lines 119-122 are omitted) - check them in the full file.
117 response = OSM.http_client.get(URI.parse(url))
118 available = response.success?
# Remember the previous value so the return value reports whether it changed.
123 oldsetting = user.image_use_gravatar
124 user.image_use_gravatar = available
125 oldsetting != user.image_use_gravatar
129 # display a message about the current status of the gravatar setting
# Returns the translated "enabled" or "disabled" message for the user's
# current gravatar setting. The `else` and `end` lines are not shown in this
# listing.
130 def gravatar_status_message(user)
131 if user.image_use_gravatar
132 t "users.account.gravatar.enabled"
134 t "users.account.gravatar.disabled"