houdini/app/controllers/users/registrations_controller.rb

52 lines
1.8 KiB
Ruby
Raw Normal View History

class Users::RegistrationsController < Devise::RegistrationsController
respond_to :html, :json
def new
super
end
# this endpoint only creates donor users
def create
params[:user][:referer] = session[:referer_id]
user = User.register_donor!(params[:user])
if user.save
sign_in user
render :json => user
else
render :json => user.errors.full_messages, :status => :unprocessable_entity
clean_up_passwords(user)
end
end
# If a user registered via OAuth, allow them to set their password and email
# without confirming their current password. # Otherwise, they need to confirm their current password.
# See: https://github.com/plataformatec/devise/wiki/How-To:-Allow-users-to-edit-their-account-without-providing-a-password
def update
# User either registered with Oauth and hasn't set a password or has entered a valid password
if current_user.pending_password || current_user.valid_password?(params[:user][:current_password])
# If the user updates their password, they are no longer flagged as 'pending_password'
if current_user.pending_password && params[:user][:password] && params[:user][:password_confirmation]
params[:user][:pending_password] = false
end
success = current_user.update_attributes(params[:user])
errs = current_user.errors.full_messages
else
success = false
errs = {:password => :incorrect}
end
if success
if params[:user][:email].present?
flash[:notice] = 'We need to confirm your new email address. Check your inbox for a confirmation link.'
else
flash[:notice] = 'Account updated!'
end
sign_in(current_user, :bypass => true)
render :json => current_user
else
render :json => {:errors => errs}, :status => :unprocessable_entity
end
end
end