From 2cfad7273a42a39b2c7be9b238a5ebbc8e56991a Mon Sep 17 00:00:00 2001
From: Matthew Landauer
Date: Tue, 1 Oct 2024 04:12:59 +0000
Subject: [PATCH] Hacked together final bit of sign in flow
---
 app/controllers/alerts_controller.rb | 32 +++++++++++++++----
 .../{sign_in.html.erb => sign_in2.html.erb} | 0
 app/views/alerts/signed_out.html.erb | 2 +-
 config/routes.rb | 2 +-
 4 files changed, 28 insertions(+), 8 deletions(-)
 rename app/views/alerts/{sign_in.html.erb => sign_in2.html.erb} (100%)
diff --git a/app/controllers/alerts_controller.rb b/app/controllers/alerts_controller.rb
index 1ae4a8ba6..3e73254ed 100644
--- a/app/controllers/alerts_controller.rb
+++ b/app/controllers/alerts_controller.rb
@@ -4,11 +4,11 @@
 class AlertsController < ApplicationController
 extend T::Sig
- before_action :authenticate_user!, except: %i[unsubscribe signed_out sign_in user_session]
- after_action :verify_authorized, except: %i[index unsubscribe signed_out sign_in user_session]
+ before_action :authenticate_user!, except: %i[unsubscribe signed_out sign_in2 user_session]
+ after_action :verify_authorized, except: %i[index unsubscribe signed_out sign_in2 user_session]
 after_action :verify_policy_scoped, only: :index
- layout "profile", except: %i[unsubscribe signed_out sign_in]
+ layout "profile", except: %i[unsubscribe signed_out sign_in2]
 sig { void }
 def index
@@ -90,7 +90,7 @@ def signed_out
 end
 # TODO: Rename
- def sign_in
+ def sign_in2
 # TODO: Use strong parameters instead
 @user = User.new(email: params[:user][:email], password: params[:user][:password])
 @alert = Alert.new(address: params[:user][:address], radius_meters: params[:user][:radius_meters])
@@ -98,10 +98,30 @@ def sign_in
 # TODO: Rename
 def user_session
- @user = warden.authenticate!({ scope: :user, recall: "Alerts#sign_in", locale: I18n.locale })
+ request.env["devise.allow_params_authentication"] = true
+ @user = warden.authenticate!({ scope: :user, recall: "Alerts#sign_in2", locale: I18n.locale })
+ # TODO: Special flash message
 # set_flash_message!(:notice, :signed_in)
- # sign_in(resource_name, resource)
+ sign_in(:user, @user)
 # yield resource if block_given?
+ alert = Alert.new(
+ user: @user,
+ address: params[:user][:address],
+ radius_meters: params[:user][:radius_meters]
+ )
+ # TODO: Check that we're actually allowed to create an alert
+ # Ensures the address is normalised into a consistent form
+ alert.geocode_from_address
+
+ if alert.save
+ redirect_to alerts_path, notice: "You succesfully added a new alert for #{alert.address}"
+ else
+ @alert = T.let(alert, T.nilable(Alert))
+ # TODO: Is there a more sensible way of doing this?
+ @alerts = T.let(policy_scope(Alert), T.nilable(ActiveRecord::Relation))
+ render :new
+ end
+ # respond_with resource, location: after_sign_in_path_for(resource)
 end
 end
diff --git a/app/views/alerts/sign_in.html.erb b/app/views/alerts/sign_in2.html.erb
similarity index 100%
rename from app/views/alerts/sign_in.html.erb
rename to app/views/alerts/sign_in2.html.erb
diff --git a/app/views/alerts/signed_out.html.erb b/app/views/alerts/signed_out.html.erb
index 3b3de7acc..2a1787b18 100644
--- a/app/views/alerts/signed_out.html.erb
+++ b/app/views/alerts/signed_out.html.erb
@@ -7,7 +7,7 @@
 <%# TODO: Add create account flow %>
-<%= form_with model: User, url: sign_in_alerts_path, method: "get" do |f| %>
+<%= form_with model: User, url: sign_in2_alerts_path, method: "get" do |f| %>
 <%= f.hidden_field :address, value: @alert.address %>
 <%= f.hidden_field :radius_meters, value: @alert.radius_meters %>
 <%= f.button "Sign in" %>
diff --git a/config/routes.rb b/config/routes.rb
index fb03666b1..e7a79a96a 100644
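Review bot: `user_session` saves an `Alert` built from request parameters without any Pundit check, and since `user_session` is in the `after_action :verify_authorized` exception list (first hunk of this file), nothing will raise to flag the omission; the `# TODO: Check that we're actually allowed to create an alert` comment is the only marker. I would call `authorize alert, :create?` before `alert.geocode_from_address` — the explicit query is needed because Pundit would otherwise look for `user_session?`, and this assumes the Alert policy defines `create?`, which the patch does not show. The raw `params[:user][:address]` and `params[:user][:radius_meters]` reads also raise NoMethodError when the `user` key is absent; reading them through `params.require(:user).permit(:address, :radius_meters)` would return a 400 instead and would settle the strong-parameters TODO in `sign_in2` the same way.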
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -99,7 +99,7 @@ def matches?(request)
 # TODO: This needs a better name and path. Maybe it will become clearer later what it should be.
 get :signed_out
 # TODO: This needs a better name and path as well
- get :sign_in
+ get :sign_in2
 # TODO: Better name needed as well
 post :user_session
 end