مراية لـ
https://github.com/postalserver/postal.git
تم المزامنة 2025-12-01 05:43:04 +00:00
only allow users with an invite to create accounts
هذا الالتزام موجود في:
Adam Cooke
@@ -1,16 +1,20 @@
|
|||||||
class UserController < ApplicationController
|
class UserController < ApplicationController
|
||||||
|
|
||||||
skip_before_action :login_required, :only => [:new, :create]
|
skip_before_action :login_required, :only => [:new, :create, :join]
|
||||||
skip_before_action :verified_email_required, :only => [:edit, :update, :verify]
|
skip_before_action :verified_email_required, :only => [:edit, :update, :verify]
|
||||||
|
|
||||||
def new
|
def new
|
||||||
|
@user_invite = UserInvite.active.find_by!(:uuid => params[:invite_token])
|
||||||
@user = User.new
|
@user = User.new
|
||||||
|
@user.email_address = @user_invite.email_address
|
||||||
render :layout => 'sub'
|
render :layout => 'sub'
|
||||||
end
|
end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
|
@user_invite = UserInvite.active.find_by!(:uuid => params[:invite_token])
|
||||||
@user = User.new(params.require(:user).permit(:first_name, :last_name, :email_address, :password, :password_confirmation))
|
@user = User.new(params.require(:user).permit(:first_name, :last_name, :email_address, :password, :password_confirmation))
|
||||||
if @user.save
|
if @user.save
|
||||||
|
@user_invite.accept(@user)
|
||||||
AppMailer.new_user(@user).deliver
|
AppMailer.new_user(@user).deliver
|
||||||
self.current_user = @user
|
self.current_user = @user
|
||||||
redirect_to verify_path(:return_to => params[:return_to])
|
redirect_to verify_path(:return_to => params[:return_to])
|
||||||
@@ -21,6 +25,7 @@ class UserController < ApplicationController
|
|||||||
|
|
||||||
def join
|
def join
|
||||||
if @invite = UserInvite.where(:uuid => params[:token]).where("expires_at > ?", Time.now).first
|
if @invite = UserInvite.where(:uuid => params[:token]).where("expires_at > ?", Time.now).first
|
||||||
|
if logged_in?
|
||||||
if request.post?
|
if request.post?
|
||||||
@invite.accept(current_user)
|
@invite.accept(current_user)
|
||||||
redirect_to_with_json root_path(:nrd => 1), :notice => "Invitation has been accepted successfully. You now have access to this organization."
|
redirect_to_with_json root_path(:nrd => 1), :notice => "Invitation has been accepted successfully. You now have access to this organization."
|
||||||
@@ -30,6 +35,9 @@ class UserController < ApplicationController
|
|||||||
else
|
else
|
||||||
@organizations = @invite.organizations.order(:name).to_a
|
@organizations = @invite.organizations.order(:name).to_a
|
||||||
end
|
end
|
||||||
|
else
|
||||||
|
redirect_to new_signup_path(params[:token])
|
||||||
|
end
|
||||||
else
|
else
|
||||||
redirect_to_with_json root_path(:nrd => 1), :alert => "The invite URL you have has expired. Please ask the person who invited you to re-send your invitation."
|
redirect_to_with_json root_path(:nrd => 1), :alert => "The invite URL you have has expired. Please ask the person who invited you to re-send your invitation."
|
||||||
end
|
end
|
||||||
|
|||||||
@@ -25,6 +25,8 @@ class UserInvite < ApplicationRecord
|
|||||||
|
|
||||||
default_value :expires_at, -> { 7.days.from_now }
|
default_value :expires_at, -> { 7.days.from_now }
|
||||||
|
|
||||||
|
scope :active, -> { where("expires_at > ?", Time.now) }
|
||||||
|
|
||||||
def md5_for_gravatar
|
def md5_for_gravatar
|
||||||
@md5_for_gravatar ||= Digest::MD5.hexdigest(email_address.to_s.downcase)
|
@md5_for_gravatar ||= Digest::MD5.hexdigest(email_address.to_s.downcase)
|
||||||
end
|
end
|
||||||
|
|||||||
@@ -7,13 +7,12 @@
|
|||||||
= form_tag login_path, :class => 'loginForm' do
|
= form_tag login_path, :class => 'loginForm' do
|
||||||
= hidden_field_tag 'return_to', params[:return_to]
|
= hidden_field_tag 'return_to', params[:return_to]
|
||||||
- if params[:return_to] && params[:return_to] =~ /\/join\//
|
- if params[:return_to] && params[:return_to] =~ /\/join\//
|
||||||
%p.loginForm__invite.warningBox.u-margin To accept your invitation you need to login to your account or create a new one. Choose from the options below to continue.
|
%p.loginForm__invite.warningBox.u-margin Login to your existing account to accept your invitation.
|
||||||
|
|
||||||
%p.loginForm__input= text_field_tag 'email_address', '', :type => 'email', :autocomplete => 'off', :spellcheck => 'false', :class => 'input input--text input--onWhite', :placeholder => "Your e-mail address", :autofocus => true, :tabindex => 1
|
%p.loginForm__input= text_field_tag 'email_address', '', :type => 'email', :autocomplete => 'off', :spellcheck => 'false', :class => 'input input--text input--onWhite', :placeholder => "Your e-mail address", :autofocus => true, :tabindex => 1
|
||||||
%p.loginForm__input= password_field_tag 'password', '', :class => 'input input--text input--onWhite', :placeholder => "Your password", :tabindex => 2
|
%p.loginForm__input= password_field_tag 'password', '', :class => 'input input--text input--onWhite', :placeholder => "Your password", :tabindex => 2
|
||||||
.loginForm__submit
|
.loginForm__submit
|
||||||
%ul.loginForm__links
|
%ul.loginForm__links
|
||||||
%li= link_to "Forgotten your password?", login_reset_path(:return_to => params[:return_to])
|
%li= link_to "Forgotten your password?", login_reset_path(:return_to => params[:return_to])
|
||||||
%li= link_to "Create a new user", signup_path(:return_to => params[:return_to])
|
|
||||||
%p= submit_tag "Login", :class => 'button button--positive', :tabindex => 3
|
%p= submit_tag "Login", :class => 'button button--positive', :tabindex => 3
|
||||||
|
|
||||||
|
|||||||
@@ -1,17 +1,19 @@
|
|||||||
- @wide = true
|
- @wide = true
|
||||||
- page_title << "Signup"
|
- page_title << "Signup"
|
||||||
.subPageBox__title
|
.subPageBox__title
|
||||||
Create your own Postal account
|
Join the #{@user_invite.organizations.first.name} organization
|
||||||
= display_flash
|
= display_flash
|
||||||
|
|
||||||
.subPageBox__content
|
.subPageBox__content
|
||||||
%p.subPageBox__text
|
%p.subPageBox__text
|
||||||
To create an account, just enter your details below and you'll be on your way.
|
If you don't already have an account on this system, you can create one below. Otherwise, you should
|
||||||
Be sure to enter a valid e-mail address because we'll send you a verification
|
#{link_to "login to your existing account", login_path(:return_to => join_path(@user_invite.uuid)), :class => 'u-link'}
|
||||||
e-mail as part of the signup process.
|
and add this organization to that.
|
||||||
|
|
||||||
.signupForm
|
.signupForm
|
||||||
= form_for @user, :url => signup_path do |f|
|
= form_for @user, :url => signup_path do |f|
|
||||||
= hidden_field_tag 'return_to', params[:return_to]
|
= hidden_field_tag 'return_to', params[:return_to]
|
||||||
|
= hidden_field_tag 'invite_token', params[:invite_token]
|
||||||
= f.error_messages
|
= f.error_messages
|
||||||
.fieldSet.fieldSet--compact.u-margin
|
.fieldSet.fieldSet--compact.u-margin
|
||||||
.fieldSet__fieldPair
|
.fieldSet__fieldPair
|
||||||
|
|||||||
@@ -80,9 +80,9 @@ Rails.application.routes.draw do
|
|||||||
post 'persist' => 'sessions#persist'
|
post 'persist' => 'sessions#persist'
|
||||||
|
|
||||||
match 'verify' => 'user#verify', :via => [:get, :post]
|
match 'verify' => 'user#verify', :via => [:get, :post]
|
||||||
get 'signup' => 'user#new'
|
get 'signup/:invite_token' => 'user#new', :as => 'new_signup'
|
||||||
post 'signup' => 'user#create'
|
post 'signup' => 'user#create'
|
||||||
match 'join/:token' => 'user#join', :via => [:get, :post, :delete]
|
match 'join/:token' => 'user#join', :via => [:get, :post, :delete], :as => 'join'
|
||||||
get 'login' => 'sessions#new'
|
get 'login' => 'sessions#new'
|
||||||
post 'login' => 'sessions#create'
|
post 'login' => 'sessions#create'
|
||||||
get 'login/token' => 'sessions#create_with_token'
|
get 'login/token' => 'sessions#create_with_token'
|
||||||
|
|||||||
المرجع في مشكلة جديدة
حظر مستخدم