Hacked together final bit of sign in flow

openaustralia · Oct 1, 2024 · 2cfad72 · 2cfad72
1 parent ba91b41
commit 2cfad72
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 8 deletions.
diff --git a/app/controllers/alerts_controller.rb b/app/controllers/alerts_controller.rb
@@ -4,11 +4,11 @@
 class AlertsController < ApplicationController
   extend T::Sig
 
-  before_action :authenticate_user!, except: %i[unsubscribe signed_out sign_in user_session]
-  after_action :verify_authorized, except: %i[index unsubscribe signed_out sign_in user_session]
+  before_action :authenticate_user!, except: %i[unsubscribe signed_out sign_in2 user_session]
+  after_action :verify_authorized, except: %i[index unsubscribe signed_out sign_in2 user_session]
   after_action :verify_policy_scoped, only: :index
 
-  layout "profile", except: %i[unsubscribe signed_out sign_in]
+  layout "profile", except: %i[unsubscribe signed_out sign_in2]
 
   sig { void }
   def index
@@ -90,18 +90,38 @@ def signed_out
   end
 
   # TODO: Rename
-  def sign_in
+  def sign_in2
     # TODO: Use strong parameters instead
     @user = User.new(email: params[:user][:email], password: params[:user][:password])
     @alert = Alert.new(address: params[:user][:address], radius_meters: params[:user][:radius_meters])
   end
 
   # TODO: Rename
   def user_session
-    @user = warden.authenticate!({ scope: :user, recall: "Alerts#sign_in", locale: I18n.locale })
+    request.env["devise.allow_params_authentication"] = true
+    @user = warden.authenticate!({ scope: :user, recall: "Alerts#sign_in2", locale: I18n.locale })
+    # TODO: Special flash message
     # set_flash_message!(:notice, :signed_in)
-    # sign_in(resource_name, resource)
+    sign_in(:user, @user)
     # yield resource if block_given?
+    alert = Alert.new(
+      user: @user,
+      address: params[:user][:address],
+      radius_meters: params[:user][:radius_meters]
+    )
+    # TODO: Check that we're actually allowed to create an alert
+    # Ensures the address is normalised into a consistent form
+    alert.geocode_from_address
+
+    if alert.save
+      redirect_to alerts_path, notice: "You succesfully added a new alert for <span class=\"font-bold\">#{alert.address}</span>"
+    else
+      @alert = T.let(alert, T.nilable(Alert))
+      # TODO: Is there a more sensible way of doing this?
+      @alerts = T.let(policy_scope(Alert), T.nilable(ActiveRecord::Relation))
+      render :new
+    end
+
     # respond_with resource, location: after_sign_in_path_for(resource)
   end
 end
diff --git a/app/views/alerts/sign_in.html.erb → app/views/alerts/sign_in2.html.erb b/app/views/alerts/sign_in.html.erb → app/views/alerts/sign_in2.html.erb
diff --git a/app/views/alerts/signed_out.html.erb b/app/views/alerts/signed_out.html.erb
@@ -7,7 +7,7 @@
 
 <%# TODO: Add create account flow %>
 
-<%= form_with model: User, url: sign_in_alerts_path, method: "get" do |f| %>
+<%= form_with model: User, url: sign_in2_alerts_path, method: "get" do |f| %>
   <%= f.hidden_field :address, value: @alert.address %>
   <%= f.hidden_field :radius_meters, value: @alert.radius_meters %>
   <%= f.button "Sign in" %>

diff --git a/config/routes.rb b/config/routes.rb
@@ -99,7 +99,7 @@ def matches?(request)
         # TODO: This needs a better name and path. Maybe it will become clearer later what it should be.
         get :signed_out
         # TODO: This needs a better name and path as well
-        get :sign_in
+        get :sign_in2
         # TODO: Better name needed as well
         post :user_session
       end