Added authentication_zero

2024-08-26 19:20:06 +02:00
parent 70606f6890
commit e23b41b950
48 changed files with 1047 additions and 73 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,4 +1,32 @@
 class ApplicationController < ActionController::Base
-  # Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has.
-  allow_browser versions: :modern
+  before_action :set_current_request_details
+  before_action :authenticate_user!
+
+  private
+    def current_user
+      Current.user || authenticate_user_from_session
+    end
+    helper_method :current_user
+
+    def authenticate_user_from_session
+      session_record = Session.find_by_id(cookies.signed[:session_token])
+      Current.session = session_record
+      Current.user
+    end
+
+    def user_signed_in?
+      current_user.present?
+    end
+    helper_method :user_signed_in?
+
+    def authenticate_user!
+      unless user_signed_in?
+        redirect_to sign_in_path
+      end
+    end
+
+    def set_current_request_details
+      Current.user_agent = request.user_agent
+      Current.ip_address = request.ip
+    end
 end
--- a/app/controllers/home_controller.rb
+++ b/app/controllers/home_controller.rb
@@ -0,0 +1,4 @@
+class HomeController < ApplicationController
+  def index
+  end
+end
--- a/app/controllers/identity/email_verifications_controller.rb
+++ b/app/controllers/identity/email_verifications_controller.rb
@@ -0,0 +1,26 @@
+class Identity::EmailVerificationsController < ApplicationController
+  skip_before_action :authenticate_user!, only: :show
+
+  before_action :set_user, only: :show
+
+  def show
+    @user.update! verified: true
+    redirect_to root_path, notice: "Thank you for verifying your email address"
+  end
+
+  def create
+    send_email_verification
+    redirect_to root_path, notice: "We sent a verification email to your email address"
+  end
+
+  private
+    def set_user
+      @user = User.find_by_token_for!(:email_verification, params[:sid])
+    rescue StandardError
+      redirect_to edit_identity_email_path, alert: "That email verification link is invalid"
+    end
+
+    def send_email_verification
+      UserMailer.with(user: Current.user).email_verification.deliver_later
+    end
+end
--- a/app/controllers/identity/emails_controller.rb
+++ b/app/controllers/identity/emails_controller.rb
@@ -0,0 +1,36 @@
+class Identity::EmailsController < ApplicationController
+  before_action :set_user
+
+  def edit
+  end
+
+  def update
+    if @user.update(user_params)
+      redirect_to_root
+    else
+      render :edit, status: :unprocessable_entity
+    end
+  end
+
+  private
+    def set_user
+      @user = Current.user
+    end
+
+    def user_params
+      params.permit(:email, :password_challenge).with_defaults(password_challenge: "")
+    end
+
+    def redirect_to_root
+      if @user.email_previously_changed?
+        resend_email_verification
+        redirect_to root_path, notice: "Your email has been changed"
+      else
+        redirect_to root_path
+      end
+    end
+
+    def resend_email_verification
+      UserMailer.with(user: @user).email_verification.deliver_later
+    end
+end
--- a/app/controllers/identity/password_resets_controller.rb
+++ b/app/controllers/identity/password_resets_controller.rb
@@ -0,0 +1,43 @@
+class Identity::PasswordResetsController < ApplicationController
+  skip_before_action :authenticate_user!
+
+  before_action :set_user, only: %i[ edit update ]
+
+  def new
+  end
+
+  def edit
+  end
+
+  def create
+    if @user = User.find_by(email: params[:email], verified: true)
+      send_password_reset_email
+      redirect_to sign_in_path, notice: "Check your email for reset instructions"
+    else
+      redirect_to new_identity_password_reset_path, alert: "You can't reset your password until you verify your email"
+    end
+  end
+
+  def update
+    if @user.update(user_params)
+      redirect_to sign_in_path, notice: "Your password was reset successfully. Please sign in"
+    else
+      render :edit, status: :unprocessable_entity
+    end
+  end
+
+  private
+    def set_user
+      @user = User.find_by_token_for!(:password_reset, params[:sid])
+    rescue StandardError
+      redirect_to new_identity_password_reset_path, alert: "That password reset link is invalid"
+    end
+
+    def user_params
+      params.permit(:password, :password_confirmation)
+    end
+
+    def send_password_reset_email
+      UserMailer.with(user: @user).password_reset.deliver_later
+    end
+end
--- a/app/controllers/jobs_controller.rb
+++ b/app/controllers/jobs_controller.rb
@@ -1,4 +1,5 @@
 class JobsController < ApplicationController
+  skip_before_action :authenticate_user!, only: :index
  # GET /jobs or /jobs.json
  def index
    @jobs = Job.currently_working_on
--- a/app/controllers/passwords_controller.rb
+++ b/app/controllers/passwords_controller.rb
@@ -0,0 +1,23 @@
+class PasswordsController < ApplicationController
+  before_action :set_user
+
+  def edit
+  end
+
+  def update
+    if @user.update(user_params)
+      redirect_to root_path, notice: "Your password has been changed"
+    else
+      render :edit, status: :unprocessable_entity
+    end
+  end
+
+  private
+    def set_user
+      @user = Current.user
+    end
+
+    def user_params
+      params.permit(:password, :password_confirmation, :password_challenge).with_defaults(password_challenge: "")
+    end
+end
--- a/app/controllers/registrations_controller.rb
+++ b/app/controllers/registrations_controller.rb
@@ -0,0 +1,30 @@
+class RegistrationsController < ApplicationController
+  skip_before_action :authenticate_user!
+
+  def new
+    @user = User.new
+  end
+
+  def create
+    @user = User.new(user_params)
+
+    if @user.save
+      session_record = @user.sessions.create!
+      cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
+
+      send_email_verification
+      redirect_to root_path, notice: "Welcome! You have signed up successfully"
+    else
+      render :new, status: :unprocessable_entity
+    end
+  end
+
+  private
+    def user_params
+      params.permit(:email, :password, :password_confirmation)
+    end
+
+    def send_email_verification
+      UserMailer.with(user: @user).email_verification.deliver_later
+    end
+end
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -0,0 +1,32 @@
+class SessionsController < ApplicationController
+  skip_before_action :authenticate_user!, only: %i[ new create ]
+
+  before_action :set_session, only: :destroy
+
+  def index
+    @sessions = Current.user.sessions.order(created_at: :desc)
+  end
+
+  def new
+  end
+
+  def create
+    if user = User.authenticate_by(email: params[:email], password: params[:password])
+      @session = user.sessions.create!
+      cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
+
+      redirect_to root_path, notice: "Signed in successfully"
+    else
+      redirect_to sign_in_path(email_hint: params[:email]), alert: "That email or password is incorrect"
+    end
+  end
+
+  def destroy
+    @session.destroy; redirect_to(sessions_path, notice: "That session has been logged out")
+  end
+
+  private
+    def set_session
+      @session = Current.user.sessions.find(params[:id])
+    end
+end