2016-11-15 17:56:29 +02:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2016-03-05 23:43:05 +02:00
|
|
|
class Auth::RegistrationsController < Devise::RegistrationsController
|
2020-12-10 07:27:26 +02:00
|
|
|
include RegistrationSpamConcern
|
2020-07-07 16:26:31 +03:00
|
|
|
|
2017-02-08 04:04:29 +02:00
|
|
|
layout :determine_layout
|
2016-03-05 23:43:05 +02:00
|
|
|
|
2018-06-15 19:00:23 +03:00
|
|
|
before_action :set_invite, only: [:new, :create]
|
2017-04-04 16:26:57 +03:00
|
|
|
before_action :check_enabled_registrations, only: [:new, :create]
|
2016-09-29 22:28:21 +03:00
|
|
|
before_action :configure_sign_up_params, only: [:create]
|
2017-12-04 08:30:45 +02:00
|
|
|
before_action :set_pack
|
2017-06-25 17:54:30 +03:00
|
|
|
before_action :set_sessions, only: [:edit, :update]
|
2022-02-14 22:27:53 +02:00
|
|
|
before_action :set_strikes, only: [:edit, :update]
|
2017-10-13 10:35:07 +03:00
|
|
|
before_action :set_instance_presenter, only: [:new, :create, :update]
|
2018-10-26 23:49:17 +03:00
|
|
|
before_action :set_body_classes, only: [:new, :create, :edit, :update]
|
Change unconfirmed user login behaviour (#11375)
Allow access to account settings, 2FA, authorized applications, and
account deletions to unconfirmed and pending users, as well as
users who had their accounts disabled. Suspended users cannot update
their e-mail or password or delete their account.
Display account status on account settings page, for example, when
an account is frozen, limited, unconfirmed or pending review.
After sign up, login users straight away and show a simple page that
tells them the status of their account with links to account settings
and logout, to reduce onboarding friction and allow users to correct
wrongly typed e-mail addresses.
Move the final sign-up step of SSO integrations to be the same
as above to reduce code duplication.
2019-07-22 11:48:50 +03:00
|
|
|
before_action :require_not_suspended!, only: [:update]
|
2019-12-30 05:38:30 +02:00
|
|
|
before_action :set_cache_headers, only: [:edit, :update]
|
2022-10-05 19:57:33 +03:00
|
|
|
before_action :set_rules, only: :new
|
|
|
|
before_action :require_rules_acceptance!, only: :new
|
2020-12-10 07:27:26 +02:00
|
|
|
before_action :set_registration_form_time, only: :new
|
Change unconfirmed user login behaviour (#11375)
Allow access to account settings, 2FA, authorized applications, and
account deletions to unconfirmed and pending users, as well as
users who had their accounts disabled. Suspended users cannot update
their e-mail or password or delete their account.
Display account status on account settings page, for example, when
an account is frozen, limited, unconfirmed or pending review.
After sign up, login users straight away and show a simple page that
tells them the status of their account with links to account settings
and logout, to reduce onboarding friction and allow users to correct
wrongly typed e-mail addresses.
Move the final sign-up step of SSO integrations to be the same
as above to reduce code duplication.
2019-07-22 11:48:50 +03:00
|
|
|
|
|
|
|
skip_before_action :require_functional!, only: [:edit, :update]
|
2016-03-05 23:43:05 +02:00
|
|
|
|
2019-04-09 17:06:30 +03:00
|
|
|
def new
|
|
|
|
super(&:build_invite_request)
|
|
|
|
end
|
|
|
|
|
2017-05-23 22:32:42 +03:00
|
|
|
def destroy
|
|
|
|
not_found
|
|
|
|
end
|
|
|
|
|
2020-01-24 01:20:38 +02:00
|
|
|
def update
|
|
|
|
super do |resource|
|
2020-07-07 16:26:31 +03:00
|
|
|
if resource.saved_change_to_encrypted_password?
|
|
|
|
resource.clear_other_sessions(current_session.session_id)
|
|
|
|
end
|
2020-01-24 01:20:38 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-03-05 23:43:05 +02:00
|
|
|
protected
|
|
|
|
|
2018-02-02 11:18:55 +02:00
|
|
|
def update_resource(resource, params)
|
|
|
|
params[:password] = nil if Devise.pam_authentication && resource.encrypted_password.blank?
|
2020-01-24 01:20:38 +02:00
|
|
|
|
2018-02-02 11:18:55 +02:00
|
|
|
super
|
|
|
|
end
|
|
|
|
|
2016-03-05 23:43:05 +02:00
|
|
|
def build_resource(hash = nil)
|
|
|
|
super(hash)
|
2017-11-27 17:07:59 +02:00
|
|
|
|
2020-12-10 07:27:26 +02:00
|
|
|
resource.locale = I18n.locale
|
|
|
|
resource.invite_code = params[:invite_code] if resource.invite_code.blank?
|
|
|
|
resource.registration_form_time = session[:registration_form_time]
|
|
|
|
resource.sign_up_ip = request.remote_ip
|
2017-11-27 17:07:59 +02:00
|
|
|
|
2016-09-29 22:28:21 +03:00
|
|
|
resource.build_account if resource.account.nil?
|
2016-03-05 23:43:05 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
def configure_sign_up_params
|
2022-12-15 18:11:58 +02:00
|
|
|
devise_parameter_sanitizer.permit(:sign_up) do |user_params|
|
|
|
|
user_params.permit({ account_attributes: [:username, :display_name], invite_request_attributes: [:text] }, :email, :password, :password_confirmation, :invite_code, :agreement, :website, :confirm_password)
|
2016-03-05 23:43:05 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-03-26 14:42:10 +02:00
|
|
|
def after_sign_up_path_for(_resource)
|
Change unconfirmed user login behaviour (#11375)
Allow access to account settings, 2FA, authorized applications, and
account deletions to unconfirmed and pending users, as well as
users who had their accounts disabled. Suspended users cannot update
their e-mail or password or delete their account.
Display account status on account settings page, for example, when
an account is frozen, limited, unconfirmed or pending review.
After sign up, login users straight away and show a simple page that
tells them the status of their account with links to account settings
and logout, to reduce onboarding friction and allow users to correct
wrongly typed e-mail addresses.
Move the final sign-up step of SSO integrations to be the same
as above to reduce code duplication.
2019-07-22 11:48:50 +03:00
|
|
|
auth_setup_path
|
2016-03-05 23:43:05 +02:00
|
|
|
end
|
2016-12-06 18:19:26 +02:00
|
|
|
|
2018-07-05 21:57:35 +03:00
|
|
|
def after_sign_in_path_for(_resource)
|
|
|
|
set_invite
|
|
|
|
|
|
|
|
if @invite&.autofollow?
|
|
|
|
short_account_path(@invite.user.account)
|
|
|
|
else
|
|
|
|
super
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-01-04 16:31:25 +02:00
|
|
|
def after_inactive_sign_up_path_for(_resource)
|
|
|
|
new_user_session_path
|
|
|
|
end
|
|
|
|
|
2018-01-02 17:55:00 +02:00
|
|
|
def after_update_path_for(_resource)
|
|
|
|
edit_user_registration_path
|
|
|
|
end
|
|
|
|
|
2017-04-04 16:26:57 +03:00
|
|
|
def check_enabled_registrations
|
2022-08-24 20:00:37 +03:00
|
|
|
redirect_to root_path if single_user_mode? || omniauth_only? || !allowed_registrations? || ip_blocked?
|
2017-11-27 17:07:59 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
def allowed_registrations?
|
2019-03-14 06:28:30 +02:00
|
|
|
Setting.registrations_mode != 'none' || @invite&.valid_for_use?
|
2017-11-27 17:07:59 +02:00
|
|
|
end
|
|
|
|
|
2022-01-23 16:52:58 +02:00
|
|
|
def omniauth_only?
|
|
|
|
ENV['OMNIAUTH_ONLY'] == 'true'
|
|
|
|
end
|
|
|
|
|
2022-08-24 20:00:37 +03:00
|
|
|
def ip_blocked?
|
|
|
|
IpBlock.where(severity: :sign_up_block).where('ip >>= ?', request.remote_ip.to_s).exists?
|
|
|
|
end
|
|
|
|
|
2017-11-27 17:07:59 +02:00
|
|
|
def invite_code
|
|
|
|
if params[:user]
|
|
|
|
params[:user][:invite_code]
|
|
|
|
else
|
|
|
|
params[:invite_code]
|
|
|
|
end
|
2016-12-06 18:19:26 +02:00
|
|
|
end
|
2017-04-04 16:26:57 +03:00
|
|
|
|
2017-02-08 04:04:29 +02:00
|
|
|
private
|
2017-04-04 16:26:57 +03:00
|
|
|
|
2017-11-21 08:13:37 +02:00
|
|
|
def set_pack
|
|
|
|
use_pack %w(edit update).include?(action_name) ? 'admin' : 'auth'
|
|
|
|
end
|
|
|
|
|
2017-10-11 01:52:25 +03:00
|
|
|
def set_instance_presenter
|
|
|
|
@instance_presenter = InstancePresenter.new
|
|
|
|
end
|
|
|
|
|
2018-07-31 02:14:33 +03:00
|
|
|
def set_body_classes
|
2018-10-26 23:49:17 +03:00
|
|
|
@body_classes = %w(edit update).include?(action_name) ? 'admin' : 'lighter'
|
2018-07-31 02:14:33 +03:00
|
|
|
end
|
|
|
|
|
2018-06-15 19:00:23 +03:00
|
|
|
def set_invite
|
2022-02-14 22:27:53 +02:00
|
|
|
@invite = begin
|
|
|
|
invite = Invite.find_by(code: invite_code) if invite_code.present?
|
|
|
|
invite if invite&.valid_for_use?
|
|
|
|
end
|
2018-06-15 19:00:23 +03:00
|
|
|
end
|
|
|
|
|
2017-02-08 04:04:29 +02:00
|
|
|
def determine_layout
|
|
|
|
%w(edit update).include?(action_name) ? 'admin' : 'auth'
|
|
|
|
end
|
2017-06-25 17:54:30 +03:00
|
|
|
|
|
|
|
def set_sessions
|
|
|
|
@sessions = current_user.session_activations
|
|
|
|
end
|
Change unconfirmed user login behaviour (#11375)
Allow access to account settings, 2FA, authorized applications, and
account deletions to unconfirmed and pending users, as well as
users who had their accounts disabled. Suspended users cannot update
their e-mail or password or delete their account.
Display account status on account settings page, for example, when
an account is frozen, limited, unconfirmed or pending review.
After sign up, login users straight away and show a simple page that
tells them the status of their account with links to account settings
and logout, to reduce onboarding friction and allow users to correct
wrongly typed e-mail addresses.
Move the final sign-up step of SSO integrations to be the same
as above to reduce code duplication.
2019-07-22 11:48:50 +03:00
|
|
|
|
2022-02-14 22:27:53 +02:00
|
|
|
def set_strikes
|
2022-03-01 20:37:47 +02:00
|
|
|
@strikes = current_account.strikes.recent.latest
|
2022-02-14 22:27:53 +02:00
|
|
|
end
|
|
|
|
|
Change unconfirmed user login behaviour (#11375)
Allow access to account settings, 2FA, authorized applications, and
account deletions to unconfirmed and pending users, as well as
users who had their accounts disabled. Suspended users cannot update
their e-mail or password or delete their account.
Display account status on account settings page, for example, when
an account is frozen, limited, unconfirmed or pending review.
After sign up, login users straight away and show a simple page that
tells them the status of their account with links to account settings
and logout, to reduce onboarding friction and allow users to correct
wrongly typed e-mail addresses.
Move the final sign-up step of SSO integrations to be the same
as above to reduce code duplication.
2019-07-22 11:48:50 +03:00
|
|
|
def require_not_suspended!
|
|
|
|
forbidden if current_account.suspended?
|
|
|
|
end
|
2019-12-30 05:38:30 +02:00
|
|
|
|
2022-10-05 19:57:33 +03:00
|
|
|
def set_rules
|
|
|
|
@rules = Rule.ordered
|
|
|
|
end
|
|
|
|
|
|
|
|
def require_rules_acceptance!
|
|
|
|
return if @rules.empty? || (session[:accept_token].present? && params[:accept] == session[:accept_token])
|
|
|
|
|
|
|
|
@accept_token = session[:accept_token] = SecureRandom.hex
|
2022-10-30 20:04:39 +02:00
|
|
|
@invite_code = invite_code
|
2022-10-05 19:57:33 +03:00
|
|
|
|
|
|
|
set_locale { render :rules }
|
|
|
|
end
|
|
|
|
|
2019-12-30 05:38:30 +02:00
|
|
|
def set_cache_headers
|
2022-11-16 05:56:30 +02:00
|
|
|
response.headers['Cache-Control'] = 'private, no-store'
|
2019-12-30 05:38:30 +02:00
|
|
|
end
|
2016-03-05 23:43:05 +02:00
|
|
|
end
|