#663

Committed 17 Mar 2026 01:12AM UTC coverage: 12.22% (-78.4%) from 90.649%

Build # #663

Build Type

push

Committed by

Commit Message

switching back to mult-email

Coverage Stats

202 of 1653 relevant lines covered (12.22%)

0.39 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/app/controllers/devise_token_auth/unlocks_controller.rb

# frozen_string_literal: true

module DeviseTokenAuth
  class UnlocksController < DeviseTokenAuth::ApplicationController
    skip_after_action :update_auth_header, only: [:create, :show]

    # this action is responsible for generating unlock tokens and
    # sending emails
    def create
      return render_create_error_missing_email unless resource_params[:email]

      @email = get_case_insensitive_field_from_resource_params(:email)
      @resource = find_resource(:email, @email)

      if @resource
        yield @resource if block_given?

        @resource.send_unlock_instructions(
          email: @email,
          provider: 'email',
          client_config: params[:config_name]
        )

        if @resource.errors.empty?
          return render_create_success
        else
          render_create_error @resource.errors
        end
      else
        render_not_found_error
      end
    end

    def show
      @resource = resource_class.unlock_access_by_token(params[:unlock_token])

      if @resource.persisted?
        token = @resource.create_token
        @resource.save!
        yield @resource if block_given?

        redirect_header_options = { unlock: true }
        redirect_headers = build_redirect_headers(token.token,
                                                  token.client,
                                                  redirect_header_options)
        redirect_to(@resource.build_auth_url(after_unlock_path_for(@resource),
                                             redirect_headers),
                                             redirect_options)
      else
        render_show_error
      end
    end

    private
    def after_unlock_path_for(resource)
      #TODO: This should probably be a configuration option at the very least.
      '/'
    end

    def render_create_error_missing_email
      render_error(401, I18n.t('devise_token_auth.unlocks.missing_email'))
    end

    def render_create_success
      render json: {
        success: true,
        message: success_message('unlocks', @email)
      }
    end

    def render_create_error(errors)
      render json: {
        success: false,
        errors: errors
      }, status: 400
    end

    def render_show_error
      raise ActionController::RoutingError, 'Not Found'
    end

    def render_not_found_error
      if Devise.paranoid
        render_create_success
      else
        render_error(404, I18n.t('devise_token_auth.unlocks.user_not_found', email: @email))
      end
    end

    def resource_params
      params.permit(:email, :unlock_token, :config)
    end
  end
end

1	# frozen_string_literal: true
2
3	module DeviseTokenAuth	×
4	class UnlocksController < DeviseTokenAuth::ApplicationController	×
5	skip_after_action :update_auth_header, only: [:create, :show]	×
6
7	# this action is responsible for generating unlock tokens and
8	# sending emails
9	def create	×
10	return render_create_error_missing_email unless resource_params[:email]	×
11
12	@email = get_case_insensitive_field_from_resource_params(:email)	×
13	@resource = find_resource(:email, @email)	×
14
15	if @resource	×
16	yield @resource if block_given?	×
17
18	@resource.send_unlock_instructions(	×
19	email: @email,	×
20	provider: 'email',	×
21	client_config: params[:config_name]	×
22	)	×
23
24	if @resource.errors.empty?	×
25	return render_create_success	×
26	else	×
27	render_create_error @resource.errors	×
28	end	×
29	else	×
30	render_not_found_error	×
31	end	×
32	end	×
33
34	def show	×
35	@resource = resource_class.unlock_access_by_token(params[:unlock_token])	×
36
37	if @resource.persisted?	×
38	token = @resource.create_token	×
39	@resource.save!	×
40	yield @resource if block_given?	×
41
42	redirect_header_options = { unlock: true }	×
43	redirect_headers = build_redirect_headers(token.token,	×
44	token.client,	×
45	redirect_header_options)	×
46	redirect_to(@resource.build_auth_url(after_unlock_path_for(@resource),	×
47	redirect_headers),	×
48	redirect_options)	×
49	else	×
50	render_show_error	×
51	end	×
52	end	×
53
54	private	×
55	def after_unlock_path_for(resource)	×
56	#TODO: This should probably be a configuration option at the very least.
57	'/'	×
58	end	×
59
60	def render_create_error_missing_email	×
61	render_error(401, I18n.t('devise_token_auth.unlocks.missing_email'))	×
62	end	×
63
64	def render_create_success	×
65	render json: {	×
66	success: true,	×
67	message: success_message('unlocks', @email)	×
68	}	×
69	end	×
70
71	def render_create_error(errors)	×
72	render json: {	×
73	success: false,	×
74	errors: errors	×
75	}, status: 400	×
76	end	×
77
78	def render_show_error	×
79	raise ActionController::RoutingError, 'Not Found'	×
80	end	×
81
82	def render_not_found_error	×
83	if Devise.paranoid	×
84	render_create_success	×
85	else	×
86	render_error(404, I18n.t('devise_token_auth.unlocks.user_not_found', email: @email))	×
87	end	×
88	end	×
89
90	def resource_params	×
91	params.permit(:email, :unlock_token, :config)	×
92	end	×
93	end	×
94	end	×

mgmodell / devise_token_auth_multi_email / #663

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous