diff --git a/app/api/houdini/v1/base_api.rb b/app/api/houdini/v1/base_api.rb index 4b25d92e..49a57136 100644 --- a/app/api/houdini/v1/base_api.rb +++ b/app/api/houdini/v1/base_api.rb @@ -2,31 +2,4 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later class Houdini::V1::BaseAPI < Grape::API - # helpers ApplicationHelper - # helpers do - # def session - # env['rack.session'] - # end - # - # def protect_against_forgery - # unless verified_request? - # error!('Unauthorized', 401) - # end - # end - # - # def verified_request? - # !protect_against_forgery? || request.get? || request.head? || - # form_authenticity_token == request.headers['X-CSRF-Token'] || - # form_authenticity_token == request.headers['X-Csrf-Token'] - # end - # - # def form_authenticity_token - # session[:_csrf_token] ||= SecureRandom.base64(32) - # end - # - # def protect_against_forgery? - # allow_forgery_protection = Rails.configuration.action_controller.allow_forgery_protection - # allow_forgery_protection.nil? || allow_forgery_protection - # end - # end end diff --git a/app/api/houdini/v1/helpers/application_helper.rb b/app/api/houdini/v1/helpers/application_helper.rb index 0af8a17d..d3b80ee6 100644 --- a/app/api/houdini/v1/helpers/application_helper.rb +++ b/app/api/houdini/v1/helpers/application_helper.rb 
@@ -3,39 +3,4 @@ # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later module Houdini::V1::Helpers::ApplicationHelper extend Grape::API::Helpers - - def session - env['rack.session'] - end - - def protect_against_forgery - error!('Unauthorized', 401) unless verified_request? - end - - def verified_request? - !protect_against_forgery? || request.get? || request.head? || - form_authenticity_token == request.headers['X-CSRF-Token'] || - form_authenticity_token == request.headers['X-Csrf-Token'] - end - - def form_authenticity_token - session[:_csrf_token] ||= SecureRandom.base64(32) - end - - def protect_against_forgery? - allow_forgery_protection = Rails.configuration.action_controller.allow_forgery_protection - allow_forgery_protection.nil? || allow_forgery_protection - end - - # def rescue_ar_invalid( *class_to_hash) - # rescue_with ActiveRecord::RecordInvalid do |error| - # output = [] - # error.record.errors do |attr,message| - # output.push({params: "#{class_to_hash[error.record.class]}['#{attr}']", - # message: message}) - # end - # raise Grape::Exceptions::ValidationErrors.new(output) - # - # end - # end end diff --git a/app/api/houdini/v1/nonprofit.rb b/app/api/houdini/v1/nonprofit.rb index 39ba746d..c8de72d3 100644 --- a/app/api/houdini/v1/nonprofit.rb +++ b/app/api/houdini/v1/nonprofit.rb @@ -4,10 +4,6 @@ class Houdini::V1::Nonprofit < Houdini::V1::BaseAPI helpers Houdini::V1::Helpers::ApplicationHelper, Houdini::V1::Helpers::RescueHelper - before do - protect_against_forgery - end - desc 'Return a nonprofit.' do success Houdini::V1::Entities::Nonprofit end @@ -16,7 +12,7 @@ class Houdini::V1::Nonprofit < Houdini::V1::BaseAPI end route_param :id do get do - np = Nonprofit.find(params[:id]) + np = ::Nonprofit.find(params[:id]) present np, as: Houdini::V1::Entities::Nonprofit end end 
@@ -57,7 +53,7 @@ class Houdini::V1::Nonprofit < Houdini::V1::BaseAPI np = nil u = nil Qx.transaction do - np = Nonprofit.new(OnboardAccounts.set_nonprofit_defaults(declared_params[:nonprofit])) + np = ::Nonprofit.new(OnboardAccounts.set_nonprofit_defaults(declared_params[:nonprofit])) begin np.save! diff --git a/app/controllers/onboard_controller.rb b/app/controllers/onboard_controller.rb index ceb7d782..1a88c76f 100644 --- a/app/controllers/onboard_controller.rb +++ b/app/controllers/onboard_controller.rb @@ -2,6 +2,7 @@ class OnboardController < ApplicationController layout 'layouts/apified' + def index @theme = 'minimal' end diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb index c46dbdec..abbdc30a 100755 --- a/config/initializers/session_store.rb +++ b/config/initializers/session_store.rb @@ -2,4 +2,4 @@ # Be sure to restart your server when you modify this file. -Rails.application.config.session_store :cookie_store, key: '_commitchange_session' +Rails.application.config.session_store :cookie_store, key: ENV['COOKIE_STORE_KEY'] || '_commitchange_session' diff --git a/package-lock.json b/package-lock.json index 7b039b46..f122e629 100644 --- a/package-lock.json +++ b/package-lock.json @@ -10583,8 +10583,7 @@ "ansi-regex": { "version": "2.1.1", "bundled": true, - "dev": true, - "optional": true + "dev": true }, "aproba": { "version": "1.2.0", @@ -10605,14 +10604,12 @@ "balanced-match": { "version": "1.0.0", "bundled": true, - "dev": true, - "optional": true + "dev": true }, "brace-expansion": { "version": "1.1.11", "bundled": true, "dev": true, - "optional": true, "requires": { "balanced-match": "^1.0.0", "concat-map": "0.0.1" 
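Review bot: The create path around `::Nonprofit.new(...)` and `np.save!` now runs with no forgery check, because this commit removes the `before do protect_against_forgery end` hook earlier in this file and the helper behind it. The diff does not show how this API authenticates; if it still relies on the session cookie, a cross-site request from a logged-in browser would reach this write. Either keep a CSRF check on the non-GET routes, or record the replacement control at the top of the class, for example `# CSRF: no forgery check on this API; protected by <mechanism>`. The handler's body starts and ends outside the hunk, so the route's verb and any auth guard should be confirmed there.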
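Review bot: `ENV['COOKIE_STORE_KEY'] || '_commitchange_session'` falls back only when the variable is unset; an empty `COOKIE_STORE_KEY=` is truthy in Ruby and would be passed through as the cookie name. `ENV['COOKIE_STORE_KEY'].presence || '_commitchange_session'` covers both the unset and the empty case. Since `key:` is the session cookie's name rather than a secret, a one-line comment such as `# cookie name, not the signing secret` would keep the variable from being mistaken for one.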
@@ -10627,20 +10624,17 @@ "code-point-at": { "version": "1.1.0", "bundled": true, - "dev": true, - "optional": true + "dev": true }, "concat-map": { "version": "0.0.1", "bundled": true, - "dev": true, - "optional": true + "dev": true }, "console-control-strings": { "version": "1.1.0", "bundled": true, - "dev": true, - "optional": true + "dev": true }, "core-util-is": { "version": "1.0.2", @@ -10757,8 +10751,7 @@ "inherits": { "version": "2.0.3", "bundled": true, - "dev": true, - "optional": true + "dev": true }, "ini": { "version": "1.3.5", @@ -10770,7 +10763,6 @@ "version": "1.0.0", "bundled": true, "dev": true, - "optional": true, "requires": { "number-is-nan": "^1.0.0" } @@ -10785,7 +10777,6 @@ "version": "3.0.4", "bundled": true, "dev": true, - "optional": true, "requires": { "brace-expansion": "^1.1.7" } @@ -10793,14 +10784,12 @@ "minimist": { "version": "0.0.8", "bundled": true, - "dev": true, - "optional": true + "dev": true }, "minipass": { "version": "2.3.5", "bundled": true, "dev": true, - "optional": true, "requires": { "safe-buffer": "^5.1.2", "yallist": "^3.0.0" @@ -10819,7 +10808,6 @@ "version": "0.5.1", "bundled": true, "dev": true, - "optional": true, "requires": { "minimist": "0.0.8" } @@ -10900,8 +10888,7 @@ "number-is-nan": { "version": "1.0.1", "bundled": true, - "dev": true, - "optional": true + "dev": true }, "object-assign": { "version": "4.1.1", @@ -10913,7 +10900,6 @@ "version": "1.4.0", "bundled": true, "dev": true, - "optional": true, "requires": { "wrappy": "1" } @@ -10999,8 +10985,7 @@ "safe-buffer": { "version": "5.1.2", "bundled": true, - "dev": true, - "optional": true + "dev": true }, "safer-buffer": { "version": "2.1.2", @@ -11036,7 +11021,6 @@ "version": "1.0.2", "bundled": true, "dev": true, - "optional": true, "requires": { "code-point-at": "^1.0.0", "is-fullwidth-code-point": "^1.0.0", @@ -11056,7 +11040,6 @@ "version": "3.0.1", "bundled": true, "dev": true, - "optional": true, "requires": { "ansi-regex": "^2.0.0" } 
@@ -11100,14 +11083,12 @@ "wrappy": { "version": "1.0.2", "bundled": true, - "dev": true, - "optional": true + "dev": true }, "yallist": { "version": "3.0.3", "bundled": true, - "dev": true, - "optional": true + "dev": true } } },