class ConfirmationsController < ApplicationController
include SessionMethods
+ include UserMethods
layout "site"
def confirm
if request.post?
- token = UserToken.find_by(:token => params[:confirm_string])
- if token&.user&.active?
- flash[:error] = t("confirmations.confirm.already active")
- redirect_to login_path
- elsif !token || token.expired?
- flash[:error] = t("confirmations.confirm.unknown token")
+ token = params[:confirm_string]
+
+ user = User.find_by_token_for(:new_user, token) ||
+ UserToken.unexpired.find_by(:token => token)&.user
+
+ if !user
+ flash[:error] = t(".unknown token")
redirect_to :action => "confirm"
- elsif !token.user.visible?
- render_unknown_user token.user.display_name
+ elsif user.active?
+ flash[:error] = t(".already active")
+ redirect_to login_path
+ elsif !user.visible?
+ render_unknown_user user.display_name
else
- user = token.user
- user.status = "active"
+ user.activate
user.email_valid = true
flash[:notice] = gravatar_status_message(user) if gravatar_enable(user)
user.save!
- referer = safe_referer(token.referer) if token.referer
- token.destroy
-
- if session[:token]
- token = UserToken.find_by(:token => session[:token])
- session.delete(:token)
- else
- token = nil
- end
+ referer = safe_referer(params[:referer]) if params[:referer]
+ UserToken.delete_by(:token => token)
- if token.nil? || token.user != user
- flash[:notice] = t("confirmations.confirm.success")
- redirect_to login_path(:referer => referer)
- else
- token.destroy
+ pending_user = session.delete(:pending_user)
+ if user.id == pending_user
session[:user] = user.id
session[:fingerprint] = user.fingerprint
redirect_to referer || welcome_path
+ else
+ flash[:notice] = t(".success")
+ redirect_to login_path(:referer => referer)
end
end
else
def confirm_resend
user = User.visible.find_by(:display_name => params[:display_name])
- token = UserToken.find_by(:token => session[:token])
- if user.nil? || token.nil? || token.user != user
- flash[:error] = t "confirmations.confirm_resend.failure", :name => params[:display_name]
+ if user.nil? || user.id != session[:pending_user]
+ flash[:error] = t ".failure", :name => params[:display_name]
else
- UserMailer.signup_confirm(user, user.tokens.create).deliver_later
+ UserMailer.signup_confirm(user, user.generate_token_for(:new_user)).deliver_later
flash[:notice] = { :partial => "confirmations/resend_success_flash", :locals => { :email => user.email, :sender => Settings.email_from } }
end
def confirm_email
if request.post?
- token = UserToken.find_by(:token => params[:confirm_string])
- if token&.user&.new_email?
- self.current_user = token.user
+ token = params[:confirm_string]
+
+ self.current_user = User.find_by_token_for(:new_email, token) ||
+ UserToken.unexpired.find_by(:token => params[:confirm_string])&.user
+
+ if current_user&.new_email?
current_user.email = current_user.new_email
current_user.new_email = nil
current_user.email_valid = true
gravatar_enabled = gravatar_enable(current_user)
if current_user.save
flash[:notice] = if gravatar_enabled
- "#{t('confirmations.confirm_email.success')} #{gravatar_status_message(current_user)}"
+ "#{t('.success')} #{gravatar_status_message(current_user)}"
else
- t("confirmations.confirm_email.success")
+ t(".success")
end
else
flash[:errors] = current_user.errors
current_user.tokens.delete_all
session[:user] = current_user.id
session[:fingerprint] = current_user.fingerprint
- redirect_to user_account_path(current_user)
- elsif token
- flash[:error] = t "confirmations.confirm_email.failure"
- redirect_to user_account_path(token.user)
+ elsif current_user
+ flash[:error] = t ".failure"
else
- flash[:error] = t "confirmations.confirm_email.unknown_token"
+ flash[:error] = t ".unknown_token"
end
+
+ redirect_to edit_account_path
end
end