2021-03-01 09:39:47 -08:00
# frozen_string_literal: true
class Api :: V1 :: Emails :: ConfirmationsController < Api :: BaseController
2023-05-16 09:03:52 -07:00
before_action - > { authorize_if_got_token! :read , :'read:accounts' } , only : :check
before_action - > { doorkeeper_authorize! :write , :'write:accounts' } , except : :check
before_action :require_user_owned_by_application! , except : :check
before_action :require_user_not_confirmed! , except : :check
2023-07-01 15:05:44 -07:00
before_action :require_authenticated_user! , only : :check
2021-03-01 09:39:47 -08:00
def create
2021-06-02 12:07:50 -07:00
current_user . update! ( email : params [ :email ] ) if params . key? ( :email )
current_user . resend_confirmation_instructions
2021-03-24 18:46:13 -07:00
2021-03-01 09:39:47 -08:00
render_empty
end
2023-05-16 09:03:52 -07:00
def check
render json : current_user . confirmed?
end
2021-03-01 09:39:47 -08:00
private
def require_user_owned_by_application!
2023-02-19 18:16:40 -08:00
render json : { error : 'This method is only available to the application the user originally signed-up with' } , status : 403 unless current_user && current_user . created_by_application_id == doorkeeper_token . application_id
2021-03-01 09:39:47 -08:00
end
2021-06-02 12:07:50 -07:00
def require_user_not_confirmed!
2023-02-19 18:16:40 -08:00
render json : { error : 'This method is only available while the e-mail is awaiting confirmation' } , status : 403 unless ! current_user . confirmed? || current_user . unconfirmed_email . present?
2021-06-02 12:07:50 -07:00
end
2021-03-01 09:39:47 -08:00
end
