Dump
Some checks failed
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
Some checks failed
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
This commit is contained in:
commit
ef378a1f59
147 changed files with 3891 additions and 0 deletions
12
app/controllers/application_controller.rb
Normal file
12
app/controllers/application_controller.rb
Normal file
|
@ -0,0 +1,12 @@
|
|||
class ApplicationController < ActionController::Base
|
||||
include Authentication
|
||||
# Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has.
|
||||
allow_browser versions: :modern
|
||||
|
||||
around_action :switch_locale
|
||||
|
||||
def switch_locale(&action)
|
||||
locale = params[:locale] || I18n.default_locale
|
||||
I18n.with_locale(locale, &action)
|
||||
end
|
||||
end
|
0
app/controllers/concerns/.keep
Normal file
0
app/controllers/concerns/.keep
Normal file
52
app/controllers/concerns/authentication.rb
Normal file
52
app/controllers/concerns/authentication.rb
Normal file
|
@ -0,0 +1,52 @@
|
|||
module Authentication
|
||||
extend ActiveSupport::Concern
|
||||
|
||||
included do
|
||||
before_action :require_authentication
|
||||
helper_method :authenticated?
|
||||
end
|
||||
|
||||
class_methods do
|
||||
def allow_unauthenticated_access(**options)
|
||||
skip_before_action :require_authentication, **options
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
def authenticated?
|
||||
resume_session
|
||||
end
|
||||
|
||||
def require_authentication
|
||||
resume_session || request_authentication
|
||||
end
|
||||
|
||||
def resume_session
|
||||
Current.session ||= find_session_by_cookie
|
||||
end
|
||||
|
||||
def find_session_by_cookie
|
||||
Session.find_by(id: cookies.signed[:session_id]) if cookies.signed[:session_id]
|
||||
end
|
||||
|
||||
def request_authentication
|
||||
session[:return_to_after_authenticating] = request.url
|
||||
redirect_to new_session_path
|
||||
end
|
||||
|
||||
def after_authentication_url
|
||||
session.delete(:return_to_after_authenticating) || root_url
|
||||
end
|
||||
|
||||
def start_new_session_for(user)
|
||||
user.sessions.create!(user_agent: request.user_agent, ip_address: request.remote_ip).tap do |session|
|
||||
Current.session = session
|
||||
cookies.signed.permanent[:session_id] = { value: session.id, httponly: true, same_site: :lax }
|
||||
end
|
||||
end
|
||||
|
||||
def terminate_session
|
||||
Current.session.destroy
|
||||
cookies.delete(:session_id)
|
||||
end
|
||||
end
|
33
app/controllers/passwords_controller.rb
Normal file
33
app/controllers/passwords_controller.rb
Normal file
|
@ -0,0 +1,33 @@
|
|||
class PasswordsController < ApplicationController
|
||||
allow_unauthenticated_access
|
||||
before_action :set_user_by_token, only: %i[ edit update ]
|
||||
|
||||
def new
|
||||
end
|
||||
|
||||
def create
|
||||
if user = User.find_by(email_address: params[:email_address])
|
||||
PasswordsMailer.reset(user).deliver_later
|
||||
end
|
||||
|
||||
redirect_to new_session_path, notice: "Password reset instructions sent (if user with that email address exists)."
|
||||
end
|
||||
|
||||
def edit
|
||||
end
|
||||
|
||||
def update
|
||||
if @user.update(params.permit(:password, :password_confirmation))
|
||||
redirect_to new_session_path, notice: "Password has been reset."
|
||||
else
|
||||
redirect_to edit_password_path(params[:token]), alert: "Passwords did not match."
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
def set_user_by_token
|
||||
@user = User.find_by_password_reset_token!(params[:token])
|
||||
rescue ActiveSupport::MessageVerifier::InvalidSignature
|
||||
redirect_to new_password_path, alert: "Password reset link is invalid or has expired."
|
||||
end
|
||||
end
|
49
app/controllers/products_controller.rb
Normal file
49
app/controllers/products_controller.rb
Normal file
|
@ -0,0 +1,49 @@
|
|||
class ProductsController < ApplicationController
|
||||
allow_unauthenticated_access only: %i[ index show ]
|
||||
before_action :set_product, only: %i[ show edit update destroy ]
|
||||
|
||||
def index
|
||||
@products = Product.all
|
||||
end
|
||||
|
||||
def show
|
||||
end
|
||||
|
||||
def new
|
||||
@product = Product.new
|
||||
end
|
||||
|
||||
def create
|
||||
@product = Product.new(product_params)
|
||||
if @product.save
|
||||
redirect_to @product
|
||||
else
|
||||
render :new, status: :unprocessable_entity
|
||||
end
|
||||
end
|
||||
|
||||
def edit
|
||||
end
|
||||
|
||||
def update
|
||||
if @product.update(product_params)
|
||||
redirect_to @product
|
||||
else
|
||||
render :edit, status: :unprocessable_entity
|
||||
end
|
||||
end
|
||||
|
||||
def destroy
|
||||
@product.destroy
|
||||
redirect_to products_path
|
||||
end
|
||||
|
||||
private
|
||||
def set_product
|
||||
@product = Product.find(params[:id])
|
||||
end
|
||||
|
||||
def product_params
|
||||
params.expect(product: [ :name, :description, :featured_image, :inventory_count ])
|
||||
end
|
||||
end
|
21
app/controllers/sessions_controller.rb
Normal file
21
app/controllers/sessions_controller.rb
Normal file
|
@ -0,0 +1,21 @@
|
|||
class SessionsController < ApplicationController
|
||||
allow_unauthenticated_access only: %i[ new create ]
|
||||
rate_limit to: 10, within: 3.minutes, only: :create, with: -> { redirect_to new_session_url, alert: "Try again later." }
|
||||
|
||||
def new
|
||||
end
|
||||
|
||||
def create
|
||||
if user = User.authenticate_by(params.permit(:email_address, :password))
|
||||
start_new_session_for user
|
||||
redirect_to after_authentication_url
|
||||
else
|
||||
redirect_to new_session_path, alert: "Try another email address or password."
|
||||
end
|
||||
end
|
||||
|
||||
def destroy
|
||||
terminate_session
|
||||
redirect_to new_session_path
|
||||
end
|
||||
end
|
20
app/controllers/subscribers_controller.rb
Normal file
20
app/controllers/subscribers_controller.rb
Normal file
|
@ -0,0 +1,20 @@
|
|||
class SubscribersController < ApplicationController
|
||||
allow_unauthenticated_access
|
||||
before_action :set_product
|
||||
|
||||
def create
|
||||
@product.subscribers.where(subscriber_params).first_or_create
|
||||
redirect_to @product, notice: "You are subscribed!"
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def set_product
|
||||
@product = Product.find(params[:product_id])
|
||||
end
|
||||
|
||||
def subscriber_params
|
||||
params.expect(subscriber: [ :email ])
|
||||
end
|
||||
|
||||
end
|
Loading…
Add table
Add a link
Reference in a new issue