Creating a seperate "change email" form and send a confirmation to the user before commit

34 views
Skip to first unread message

rubybox

unread,
Jan 21, 2013, 3:52:27 AM1/21/13
to plataforma...@googlegroups.com

Im trying for quite some time now to seperate to a seperate form for changing user email + adding a confirmation email to it before its really changed.

User story:
  1. Showing "Your current email is = @user.email, fill form to change your email "   form with email + password fields
  2. User enters new email and there current password
  3. Validation of the password if correct then send confirmation email to user
  4. If user clicks confirmation link there email is changed

Anyone ever attempted this ? there are several posts here for people requesting this feature but it never made it as far as I can see, nor any real info on how to get this functionality.

Im sharing my code in hopes we can work this out together.

  1. I overruled the registration controller update method
  2. Im adding hidden field in change email form

/app/views/account/edit_password.html.haml:

= simple_form_for(@user, :as => @user, :url => registration_path(@user), :html => { :class => 'form-horizontal', :method => :put }) do |f|

  = f.hidden_field :form, :value => "change_email"


  .control-group.password.required
    %label.password.required.control-label
      %abbr
      = t('.current_email')
    .controls{:style => "margin-top: 10px"}
      %h3.grey
        = @user.email

  .ruler
  .clear

  = f.input :email,                                       :label => t('.new_email')

  = f.input :password,                                    :label => t('.password')

  .ruler
  .clear

  = f.button :submit, t('forms.save'), :class => "span-4"

/app/controllers/registrations_controller.rb

class RegistrationsController < Devise::RegistrationsController

  prepend_before_filter :authenticate_scope!, :only => [:edit, :update, :destroy, :change_password]

  layout "application"

    def update
    puts "UPDATE ACTION CALLED!!"
    puts params
    puts params['user'][:change_email]

    if resource.update_with_password(params[resource_name])

      puts "update regular"
      set_flash_message :notice, :updated if is_navigational_format?
      sign_in resource_name, resource, :bypass => true
      respond_with resource, :location => after_update_path_for(resource)
    else
      puts "other xxx"
      clean_up_passwords(resource)
      respond_with_navigational(resource) do
        if params['user'][:form] == "change_email"
          puts "change the email"
          redirect_to account
        else
          # the default if not change_password and not
          # change email
        end
      end
    end

  end


Im stuck here how to approach next?

@Jose

Could you share some information on how to approach next?

Would really appreciate any help ! thanks in advanche








rubybox

unread,
Jan 21, 2013, 4:14:27 AM1/21/13
to plataforma...@googlegroups.com
Digging the docs I have come up with this so far:
Now the problem is how to handle a confirmation link


def update

    def sub_layout
      "left"
    end


 
    puts params
    puts params['user'][:change_email]
    puts params['user'][:password]


    if resource.update_with_password(params[resource_name])
      puts "update regular"
      set_flash_message :notice, :updated if is_navigational_format?
      sign_in resource_name, resource, :bypass => true
      respond_with resource, :location => after_update_path_for(resource)
    else
      puts "other xxx"
      clean_up_passwords(resource)
      respond_with_navigational(resource) do
        if params['user'][:form] == "change_email"

          puts "change the email"

          # check password
          # if valid prepare change email confirmation
          user = User.find_by_email(params['user'][:email])
          if user.valid_password?(params['user'][:password])

            Mailer.confirm_email_change(self).deliver

            redirect_to "/account/edit/email", :notice => "Please check your inbox to confirm your email change"
            return
          else
            redirect_to "/account/edit/email", :notice => "The provided password is invalid"
            return
          end

          # send change email confirmation email
          # redirect back to the form with :notice failed or ok
          #redirect_to "/account/edit/email"

rubybox

unread,
Feb 6, 2013, 8:20:58 AM2/6/13
to plataforma...@googlegroups.com
So above code was very messy and more or less trying this out quickly as draft.

Anyone has come up with a solid solution? can't believe nobody would want this feature..

latortuga

unread,
Feb 8, 2013, 10:46:13 AM2/8/13
to plataforma...@googlegroups.com
Are you sure that simply using the reconfirmable feature wouldn't fit your use case?
Reply all
Reply to author
Forward
0 new messages