Block unverified users

This commit is contained in:
Trevor Vallender 2024-06-19 16:42:15 +01:00
parent 0ef2d0b23c
commit 0463e47044
4 changed files with 15 additions and 2 deletions

View File

@ -11,10 +11,13 @@ class SessionsController < ApplicationController
username: params[:username], username: params[:username],
password: params[:password], password: params[:password],
) )
if Current.user if Current.user && Current.user.verified?
session[:user_id] = Current.user.id session[:user_id] = Current.user.id
flash[:notice] = t(".success", name: Current.user.first_name) flash[:notice] = t(".success", name: Current.user.first_name)
redirect_to :root redirect_to :root
elsif !Current.user.verified?
flash[:alert] = t(".not_verified")
render :new, status: :unprocessable_entity
else else
flash[:alert] = t(".error") flash[:alert] = t(".error")
render :new, status: :unprocessable_entity render :new, status: :unprocessable_entity

View File

@ -40,7 +40,7 @@ class CharacterSheetFeature < ApplicationRecord
return if order_index.present? return if order_index.present?
if character_sheet_section.character_sheet_features.any? if character_sheet_section.character_sheet_features.any?
self.order_index = character_sheet_section.character_sheet_features.order_index(:order_index).last.order_index + 1 self.order_index = character_sheet_section.character_sheet_features.order(:order_index).last.order_index + 1
else else
self.order_index = 1 self.order_index = 1
end end

View File

@ -137,6 +137,7 @@ en:
create: create:
success: "Hello, %{name}!" success: "Hello, %{name}!"
error: "Could not sign in. Please check your username and password." error: "Could not sign in. Please check your username and password."
not_verified: Please check your email to verify your account and log in.
new: new:
log_in: Log in log_in: Log in
forgot_password: Forgotten your password? forgot_password: Forgotten your password?

View File

@ -14,4 +14,13 @@ class SignUpsTest < ApplicationSystemTestCase
click_on I18n.t("sessions.destroy.log_out") click_on I18n.t("sessions.destroy.log_out")
assert_text I18n.t("sessions.destroy.success") assert_text I18n.t("sessions.destroy.success")
end end
test "unverified users cannot log in" do
visit new_session_url
fill_in attr_name(User, :username), with: users(:unverified).username
fill_in attr_name(User, :password), with: "password"
click_button I18n.t("sessions.new.log_in")
assert_text I18n.t("sessions.create.not_verified")
end
end end