Class: FeedbunchAuth::RegistrationsController

Inherits:
Devise::RegistrationsController
  • Object
show all
Defined in:
app/controllers/feedbunch_auth/registrations_controller.rb

Overview

Customized version of Devise::RegistrationsController.

Before accepting an account deletion (RegistrationsController#destroy method), it validates that the user-submitted password is correct. Only if the password is correct RegistrationsController#destroy is invoked to actually delete the account.

Instance Method Summary collapse

Instance Method Details

#destroyObject

Delete a user's profile. A password parameter must be submitted. The method validates that the submitted password is actually the user's password, otherwise an error is returned.


18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
# File 'app/controllers/feedbunch_auth/registrations_controller.rb', line 18

def destroy
  Rails.logger.warn "User #{current_user.id} - #{current_user.email} has requested account deletion"
  password = profiles_controller_destroy_params[:password]
  if current_user.valid_password? password
    Rails.logger.warn "User #{current_user.id} - #{current_user.email} provided correct password for account deletion"
    current_user.delete_profile
    sign_out
    flash[:notice] = t 'devise.registrations.destroyed'
    redirect_to root_path
  else
    Rails.logger.error "User #{current_user.id} - #{current_user.email} provided wrong password for account deletion"
    flash[:alert] = t 'errors.messages.invalid_password'
    redirect_to edit_user_registration_path
  end
end