# frozen_string_literal: true
# API endpoints for the e-mail confirmation step of an account.
#
# * +create+ optionally replaces the account's e-mail address with the
#   client-supplied +email+ parameter and re-sends the confirmation mail.
# * +check+ reports whether the current user is confirmed.
#
# Filter order is significant. Filters run in declaration order and a filter
# that renders stops the chain, so for every action except +check+:
#   1. the token must carry the :write / :'write:accounts' scope,
#   2. the user must exist and have been created by the token's application,
#   3. the account must still be awaiting confirmation.
# Step 3 calls methods on +current_user+ without a nil check and therefore
# relies on step 2 having already rejected requests without a user.
class Api::V1::Emails::ConfirmationsController < Api::BaseController
  before_action -> { authorize_if_got_token! :read, :'read:accounts' }, only: :check
  before_action -> { doorkeeper_authorize! :write, :'write:accounts' }, except: :check
  before_action :require_user_owned_by_application!, except: :check
  before_action :require_user_not_confirmed!, except: :check
  before_action :require_authenticated_user!, only: :check

  # Updates the e-mail (only when the +email+ key is present in the request)
  # and triggers a fresh confirmation mail, then renders an empty response.
  #
  # +update!+ raises when the record cannot be saved; presumably
  # Api::BaseController turns that into an error response -- confirm.
  # NOTE(review): every call sends mail, possibly to an address chosen by the
  # client. No throttling is visible in this controller; confirm that resends
  # are rate-limited elsewhere.
  def create
    if params.key?(:email)
      current_user.update!(email: params[:email])
    end

    current_user.resend_confirmation_instructions
    render_empty
  end

  # Renders the user's confirmation state as a bare JSON boolean.
  def check
    render json: current_user.confirmed?
  end

  private

  # Rejects the request with 403 unless a user is present and was created by
  # the same application that the access token belongs to.
  #
  # NOTE(review): the comparison is a plain ==, so it would also pass if both
  # IDs were nil. Confirm that tokens reaching this filter always carry an
  # application_id, or that created_by_application_id is never nil here.
  def require_user_owned_by_application!
    owned_by_caller = current_user && current_user.created_by_application_id == doorkeeper_token.application_id
    return if owned_by_caller

    render json: { error: 'This method is only available to the application the user originally signed-up with' },
           status: 403
  end

  # Rejects the request with 403 once there is nothing left to confirm: the
  # user is confirmed and has no pending (unconfirmed) e-mail address.
  def require_user_not_confirmed!
    awaiting_confirmation = !current_user.confirmed? || current_user.unconfirmed_email.present?
    return if awaiting_confirmation

    render json: { error: 'This method is only available while the e-mail is awaiting confirmation' },
           status: 403
  end
end