Confirmable

3 years ago · ac6f7de5ba
9 changed files with 78 additions and 23 deletions
--- a/app/controllers/auth/confirmations_controller.rb
+++ b/app/controllers/auth/confirmations_controller.rb
@ -0,0 +1,9 @@
+class Auth::ConfirmationsController < Devise::ConfirmationsController
+  def create
+    super
+  end
+
+  def show
+    super
+  end
+end
--- a/app/mailers/devise_notify_mailer.rb
+++ b/app/mailers/devise_notify_mailer.rb
@ -13,7 +13,7 @@ class DeviseNotifyMailer < Devise::Mailer
    )
  end

-  def reset_password_instructions(record, token, _opts = {})
+  def personalisation(record, token)
    url = public_send("edit_#{record.class.name.underscore}_password_url")
    personalisation = {
      name: record.name || record.email,
@ -21,13 +21,24 @@ class DeviseNotifyMailer < Devise::Mailer
      organisation: record.respond_to?(:organisation) ? record.organisation.name : "",
      link: "#{url}?reset_password_token=#{token}",
    }
-    send_email(record.email, record.reset_password_notify_template, personalisation)
  end

-  # def confirmation_instructions(record, token, _opts = {})
-  #   super
-  # end
-  #
+  def reset_password_instructions(record, token, _opts = {})
+    send_email(
+      record.email,
+      record.reset_password_notify_template,
+      personalisation(record, token)
+    )
+  end
+
+  def confirmation_instructions(record, token, _opts = {})
+    send_email(
+      record.email,
+      record.confirmable_template,
+      personalisation(record, token)
+    )
+  end
+
  # def unlock_instructions(record, token, opts = {})
  #   super
  # end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -1,8 +1,8 @@
 class User < ApplicationRecord
  # Include default devise modules. Others available are:
-  # :confirmable, :timeoutable and :omniauthable
+  # :omniauthable
  devise :database_authenticatable, :recoverable, :rememberable, :validatable,
-         :trackable, :lockable, :two_factor_authenticatable
+         :trackable, :lockable, :two_factor_authenticatable, :confirmable, :timeoutable

  belongs_to :organisation
  has_many :owned_case_logs, through: :organisation
@ -66,10 +66,14 @@ class User < ApplicationRecord

  MFA_TEMPLATE_ID = "6bdf5ee1-8e01-4be1-b1f9-747061d8a24c".freeze
  RESET_PASSWORD_TEMPLATE_ID = "2c410c19-80a7-481c-a531-2bcb3264f8e6".freeze
-  SET_PASSWORD_TEMPLATE_ID   = "257460a6-6616-4640-a3f9-17c3d73d9e91".freeze
+  CONFIRMABLE_TEMPLATE_ID   = "257460a6-6616-4640-a3f9-17c3d73d9e91".freeze

  def reset_password_notify_template
-    last_sign_in_at ? RESET_PASSWORD_TEMPLATE_ID : SET_PASSWORD_TEMPLATE_ID
+    RESET_PASSWORD_TEMPLATE_ID
+  end
+
+  def confirmable_template
+    CONFIRMABLE_TEMPLATE_ID
  end

  def need_two_factor_authentication?(_request)
--- a/app/views/devise/confirmations/new.html.erb
+++ b/app/views/devise/confirmations/new.html.erb
@ -1,15 +1,32 @@
-<h2>Resend confirmation instructions</h2>
+<% content_for :title, "Resend invitation link" %>
+
+<% content_for :before_content do %>
+  <%= govuk_back_link(
+    text: "Back",
+    href: :back,
+  ) %>
+<% end %>

 <%= form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f| %>
-  <%= render "devise/shared/error_messages", resource: resource %>
+  <div class="govuk-grid-row">
+    <div class="govuk-grid-column-two-thirds">
+      <%= f.govuk_error_summary %>
+
+      <h1 class="govuk-heading-l">
+        <%= content_for(:title) %>
+      </h1>
+
+      <p class="govuk-body">Enter your email address to get a new invitation link.</p>

-  <%= f.govuk_email_field :email,
-    label: { text: "Email address" },
-    autocomplete: "email",
-    spellcheck: "false",
-    value: (resource.pending_reconfirmation? ? resource.unconfirmed_email : resource.email) %>
+      <%= f.govuk_email_field :email,
+        label: { text: "Email address" },
+        autocomplete: "email",
+        spellcheck: "false",
+        value: (resource.pending_reconfirmation? ? resource.unconfirmed_email : resource.email) %>

-  <%= f.govuk_submit "Resend confirmation instructions" %>
+      <%= f.govuk_submit "Send email" %>
+    </div>
+  </div>
 <% end %>

 <%= render "devise/shared/links" %>
--- a/app/views/devise/passwords/reset_password.html.erb
+++ b/app/views/devise/passwords/reset_password.html.erb
@ -11,6 +11,7 @@
  <%= f.hidden_field :reset_password_token %>
  <div class="govuk-grid-row">
    <div class="govuk-grid-column-two-thirds">
+      <% binding.pry %>
      <%= f.govuk_error_summary %>

      <h1 class="govuk-heading-l">
--- a/config/routes.rb
+++ b/config/routes.rb
@ -26,6 +26,7 @@ Rails.application.routes.draw do
  devise_for :users, {
    path: :account,
    controllers: {
+      confirmations: "auth/confirmations",
      passwords: "auth/passwords",
      sessions: "auth/sessions",
      two_factor_authentication: "auth/two_factor_authentication",
--- a/db/migrate/20220517093906_add_confirmable_users.rb
+++ b/db/migrate/20220517093906_add_confirmable_users.rb
@ -0,0 +1,11 @@
+class AddConfirmableUsers < ActiveRecord::Migration[7.0]
+  def change
+    change_table :users, bulk: true do |t|
+      t.column :confirmation_token, :string
+      t.column :confirmed_at, :datetime
+      t.column :confirmation_sent_at, :datetime
+      t.string :unconfirmed_email
+    end
+    add_index :users, :confirmation_token, unique: true
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -343,6 +343,11 @@ ActiveRecord::Schema[7.0].define(version: 2022_05_18_115438) do
    t.datetime "direct_otp_sent_at", precision: nil
    t.datetime "totp_timestamp", precision: nil
    t.boolean "active", default: true
+    t.string "confirmation_token"
+    t.datetime "confirmed_at", precision: nil
+    t.datetime "confirmation_sent_at", precision: nil
+    t.string "unconfirmed_email"
+    t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true
    t.index ["email"], name: "index_users_on_email", unique: true
    t.index ["encrypted_otp_secret_key"], name: "index_users_on_encrypted_otp_secret_key", unique: true
    t.index ["organisation_id"], name: "index_users_on_organisation_id"
--- a/lib/tasks/onboarding_emails.rake
+++ b/lib/tasks/onboarding_emails.rake
@ -12,11 +12,7 @@ namespace :onboarding_emails do
    organisation.users.each do |user|
      next unless URI::MailTo::EMAIL_REGEXP.match?(user.email)

-      onboarding_template_id = "b48bc2cd-5887-4611-8296-d0ab3ed0e7fd".freeze
-      token = user.send(:set_reset_password_token)
-      url = "#{host}/account/password/edit?reset_password_token=#{token}"
-      personalisation = { name: user.name || user.email, link: url }
-      DeviseNotifyMailer.new.send_email(user.email, onboarding_template_id, personalisation)
+      user.send_confirmation_instructions
    end
  end
 end