Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow user authentication from email links #861

Merged
merged 7 commits into from
May 23, 2021
Merged

Allow user authentication from email links #861

merged 7 commits into from
May 23, 2021

Conversation

nicoolas25
Copy link
Collaborator

@nicoolas25 nicoolas25 commented May 23, 2021
edited
Loading

Summary

Note: this PR replaces #858

As part of #829 I would like to authenticate users right from emails. This PR sets the foundations to do this.

So far we authenticated users using matches' tokens or slot_alerts's tokens.
Now we need users' tokens: we need communication unrelated to any of the above events.

Details

No functional changes should be part of this PR.

It adds a concern for controllers UserAuthenticationViaSignedId that complements the usual devise/warden authentication using an authentication_token based on globalid.

It creates a single partial to DRY those routes:

  • users#destroy,
  • matches/users#destroy, and
  • slot_alerts/users#destroy.

Also DRY those views:

  • slot_alerts/users#edit, and
  • matches/users#edit

... into users/_confirm_destroy_message.

The goal is to reuse confirm_destroy_profile_path from email and sign it with an authentication token.

This users#confirm_destroy action looks like this:

Screenshot from 2021-05-23 10-53-57

Poke @mininao as you authored the original issue.

The next steps are:

  1. Create the rake task to identify the appropriate users
  2. Create emails to send to those users, include a link to confirm_destroy_profile_path with an auth token
  3. Reuse that in matches's emails (and slot_alers's ones) when offering the user the ability to remove themselves from the list

@nicoolas25 nicoolas25 changed the title Refactor the routes to follow conventions Allow user authentication from email links May 23, 2021
@nicoolas25 nicoolas25 self-assigned this May 23, 2021
@nicoolas25
Copy link
Collaborator Author

@EmCousin Approved the PR here.

mathieuripert
mathieuripert approved these changes May 23, 2021
View reviewed changes
Copy link
Member

@mathieuripert mathieuripert left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice :)

@mathieuripert mathieuripert merged commit 27e31c0 into main May 23, 2021
@mathieuripert mathieuripert deleted the nicoolas25.unsubscribe-automated-emails-preparation branch May 23, 2021 16:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@EmCousin EmCousin EmCousin approved these changes

@mathieuripert mathieuripert mathieuripert approved these changes

Assignees

@nicoolas25 nicoolas25

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nicoolas25 @mathieuripert @EmCousin