Class: UsersEmailController
- Inherits:
-
ApplicationController
- Object
- ActionController::Base
- ApplicationController
- UsersEmailController
- Defined in:
- app/controllers/users_email_controller.rb
Constant Summary
Constants inherited from ApplicationController
ApplicationController::CHALLENGE_KEY, ApplicationController::HONEYPOT_KEY, ApplicationController::LEGACY_NO_THEMES, ApplicationController::LEGACY_NO_UNOFFICIAL_PLUGINS, ApplicationController::NO_PLUGINS, ApplicationController::NO_THEMES, ApplicationController::NO_UNOFFICIAL_PLUGINS, ApplicationController::SAFE_MODE
Constants included from CanonicalURL::ControllerExtensions
CanonicalURL::ControllerExtensions::ALLOWED_CANONICAL_PARAMS
Instance Attribute Summary
Attributes inherited from ApplicationController
Instance Method Summary
- #confirm_new_email ⇒ Object
- #confirm_old_email ⇒ Object
- #create ⇒ Object
- #index ⇒ Object
- #show_confirm_new_email ⇒ Object
- #show_confirm_old_email ⇒ Object
- #update ⇒ Object
Methods inherited from ApplicationController
#application_layout, #can_cache_content?, #clear_notifications, #conditionally_allow_site_embedding, #current_homepage, #discourse_expires_in, #dont_cache_page, #ember_cli_required?, #fetch_user_from_params, #guardian, #handle_permalink, #handle_theme, #handle_unverified_request, #has_escaped_fragment?, #immutable_for, #login_method, #no_cookies, #perform_refresh_session, #post_ids_including_replies, #preload_json, #rate_limit_second_factor!, #redirect_with_client_support, #render_json_dump, #render_serialized, requires_plugin, #rescue_discourse_actions, #resolve_safe_mode, #secure_session, #serialize_data, #set_current_user_for_logs, #set_layout, #set_mobile_view, #set_mp_snapshot_fields, #show_browser_update?, #store_preloaded, #use_crawler_layout?, #with_resolved_locale
Methods included from VaryHeader
Methods included from ThemeResolver
Methods included from ReadOnlyMixin
#add_readonly_header, #allowed_in_staff_writes_only_mode?, #block_if_readonly_mode, #check_readonly_mode, #get_or_check_readonly_mode, #get_or_check_staff_writes_only_mode, included, #staff_writes_only_mode?
Methods included from Hijack
Methods included from GlobalPath
#cdn_path, #cdn_relative_path, #full_cdn_url, #path, #upload_cdn_path
Methods included from JsonError
Methods included from CanonicalURL::ControllerExtensions
#canonical_url, #default_canonical, included
Methods included from CurrentUser
#clear_current_user, #current_user, has_auth_cookie?, #is_api?, #is_user_api?, #log_off_user, #log_on_user, lookup_from_env, #refresh_session
Instance Method Details
#confirm_new_email ⇒ Object
# File 'app/controllers/users_email_controller.rb', line 56

# Confirms the new address of a pending email change, identified by params[:token].
#
# The second-factor flow runs first, against the user who owns the change
# request. The token is only consumed when that user has no second factor
# enabled or has completed the challenge. In any other case this method
# renders nothing itself (presumably run_second_factor! has already produced
# the response; confirm against its implementation).
def confirm_new_email
  pending_change = load_change_request(:new)

  second_factor =
    run_second_factor!(SecondFactor::Actions::ConfirmEmail, target_user: pending_change.user)
  return unless second_factor.no_second_factors_enabled? || second_factor.second_factor_auth_completed?

  email_updater = EmailUpdater.new
  unless email_updater.confirm(params[:token]) == :complete
    # Every outcome other than :complete is reported with the same
    # "already done" message and a 400.
    return render json: { error: I18n.t("change_email.already_done") }, status: 400
  end

  # The change is complete: reset the bounce score on the updater's user.
  email_updater.user.user_stat.reset_bounce_score!
  render json: success_json
end
#confirm_old_email ⇒ Object
# File 'app/controllers/users_email_controller.rb', line 85

# Confirms the old-address step of a pending email change, identified by
# params[:token].
#
# load_change_request(:old) is called only for its effect; its return value is
# not used here (presumably it rejects an unknown or mismatched token; confirm).
# NOTE(review): unlike confirm_new_email, no second-factor step is visible in
# this action.
def confirm_old_email
  load_change_request(:old)

  outcome = EmailUpdater.new.confirm(params[:token])

  # Success here means the flow has moved on to authorizing the new address.
  return render json: success_json if outcome == :authorizing_new

  render json: { error: I18n.t("change_email.already_done") }, status: 400
end
#create ⇒ Object
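# File 'app/controllers/users_email_controller.rb', line 20

# Starts adding a secondary email address (params[:email]) for the user
# resolved by fetch_user_from_params.
#
# Responds 410 when SiteSetting.enable_secondary_emails is off. Two rate
# limiters run before any email work: going by their arguments, 6 per hour and
# 3 per minute, with request.remote_ip in the limiter key. Exceeding either
# renders the "slow down" error.
#
# NOTE(review): no permission check is visible in this action itself. The
# guardian is handed to EmailUpdater, which presumably decides whether the
# current user may change this user's email; confirm there.
# NOTE(review): request.remote_ip is only as reliable as the proxy
# configuration in front of the app.
def create
  return render json: failed_json, status: 410 unless SiteSetting.enable_secondary_emails

  params.require(:email)
  user = fetch_user_from_params

  # Throttle first, so a rejected request never reaches the updater.
  RateLimiter.new(user, "email-hr-#{request.remote_ip}", 6, 1.hour).performed!
  RateLimiter.new(user, "email-min-#{request.remote_ip}", 3, 1.minute).performed!

  updater = EmailUpdater.new(guardian: guardian, user: user)
  updater.change_to(params[:email], add: true)

  # The listing showed `updater.errors.` with no method name, which does not
  # parse. full_messages assumes updater.errors is an ActiveModel::Errors-style
  # collection.
  return render_json_error(updater.errors.full_messages) if updater.errors.present?

  render body: nil
rescue RateLimiter::LimitExceeded
  render_json_error(I18n.t("rate_limiter.slow_down"))
end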
#index ⇒ Object
# File 'app/controllers/users_email_controller.rb', line 17

# Empty action: it does no work of its own. Whatever response is produced comes
# from outside this method (presumably the framework's default rendering; confirm).
def index
end
#show_confirm_new_email ⇒ Object
# File 'app/controllers/users_email_controller.rb', line 73

# Describes the pending change behind a new-address confirmation token.
#
# HTML requests get the empty template and the change request is not loaded.
# Other formats get JSON with both addresses and the token echoed back.
# NOTE(review): the JSON discloses the old and new email to whoever presents
# the token. Whether load_change_request(:new) rejects an invalid token is not
# visible here; confirm.
def show_confirm_new_email
  return render "default/empty" if request.format.html?

  pending_change = load_change_request(:new)

  payload = {
    new_email: pending_change.new_email,
    old_email: pending_change.old_email,
    token: params[:token],
  }
  render json: payload
end
#show_confirm_old_email ⇒ Object
# File 'app/controllers/users_email_controller.rb', line 96

# Describes the pending change behind an old-address confirmation token.
#
# HTML requests get the empty template and the change request is not loaded.
# Other formats get JSON with both addresses and the token echoed back.
# NOTE(review): the JSON discloses the old and new email to whoever presents
# the token. Whether load_change_request(:old) rejects an invalid token is not
# visible here; confirm.
def show_confirm_old_email
  return render "default/empty" if request.format.html?

  pending_change = load_change_request(:old)

  payload = {
    new_email: pending_change.new_email,
    old_email: pending_change.old_email,
    token: params[:token],
  }
  render json: payload
end
#update ⇒ Object
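# File 'app/controllers/users_email_controller.rb', line 39

# Starts changing the email address of the user resolved by
# fetch_user_from_params to params[:email].
#
# Two rate limiters run before any email work: going by their arguments, 6 per
# hour and 3 per minute, with request.remote_ip in the limiter key. Exceeding
# either renders the "slow down" error.
#
# NOTE(review): no permission check is visible in this action itself. The
# guardian is handed to EmailUpdater, which presumably decides whether the
# current user may change this user's email; confirm there.
# NOTE(review): request.remote_ip is only as reliable as the proxy
# configuration in front of the app.
def update
  params.require(:email)
  user = fetch_user_from_params

  # Throttle first, so a rejected request never reaches the updater.
  RateLimiter.new(user, "email-hr-#{request.remote_ip}", 6, 1.hour).performed!
  RateLimiter.new(user, "email-min-#{request.remote_ip}", 3, 1.minute).performed!

  updater = EmailUpdater.new(guardian: guardian, user: user)
  updater.change_to(params[:email])

  # The listing showed `updater.errors.` with no method name, which does not
  # parse. full_messages assumes updater.errors is an ActiveModel::Errors-style
  # collection.
  return render_json_error(updater.errors.full_messages) if updater.errors.present?

  render body: nil
rescue RateLimiter::LimitExceeded
  render_json_error(I18n.t("rate_limiter.slow_down"))
end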