[XI-6523] Transfer enmeshed changes from Xikolo

Gemfile

@@ -10,6 +10,7 @@ gem 'coffee-rails', require: false
 gem 'config'
 gem 'devise-bootstrap-views'
 gem 'faraday'
+gem 'faraday-net_http_persistent'
 gem 'http_accept_language'
 gem 'i18n-js'
 gem 'image_processing'

Gemfile.lock

@@ -167,6 +167,9 @@ GEM
       multipart-post (~> 2.0)
     faraday-net_http (3.4.0)
       net-http (>= 0.5.0)
+    faraday-net_http_persistent (2.3.0)
+      faraday (~> 2.5)
+      net-http-persistent (>= 4.0.4, < 5)
     ffi (1.17.1)
     fugit (1.11.1)
       et-orbi (~> 1, >= 1.2.11)
@@ -276,6 +279,8 @@ GEM
       rails (>= 3.2.0)
     net-http (0.6.0)
       uri
+    net-http-persistent (4.0.5)
+      connection_pool (~> 2.2)
     net-imap (0.5.6)
       date
       net-protocol
@@ -613,6 +618,7 @@ DEPENDENCIES
   devise-bootstrap-views
   factory_bot_rails
   faraday
+  faraday-net_http_persistent
   http_accept_language
   i18n-js
   i18n-tasks
@@ -741,6 +747,7 @@ CHECKSUMS
   faraday (2.12.2) sha256=157339c25c7b8bcb739f5cf1207cb0cefe8fa1c65027266bcbc34c90c84b9ad6
   faraday-multipart (1.1.0) sha256=856b0f1c7316a4d6c052dd2eef5c42f887d56d93a171fe8880da1af064ca0751
   faraday-net_http (3.4.0) sha256=a1f1e4cd6a2cf21599c8221595e27582d9936819977bbd4089a601f24c64e54a
+  faraday-net_http_persistent (2.3.0) sha256=33d4948cabe9f8148222c4ca19634c71e1f25595cccf9da2e02ace8d754f1bb1
   ffi (1.17.1) sha256=26f6b0dbd1101e6ffc09d3ca640b2a21840cc52731ad8a7ded9fb89e5fb0fc39
   fugit (1.11.1) sha256=e89485e7be22226d8e9c6da411664d0660284b4b1c08cacb540f505907869868
   glob (0.4.1) sha256=e68e50419ffb7f896b39a483c1a37e7a1aa8f1a8c8ea13961f8cd1b50f40715d
@@ -787,6 +794,7 @@ CHECKSUMS
   nested_form (0.3.2) sha256=b1c468d7eac781235861c2f74fc9f675df0c4d915d5724aaf7fd29f7891c0538
   nested_form_fields (0.8.4) sha256=e3db8e935b40c6b6027ce65b10ee0c5cf575d1ba175be85154c81d4253635b19
   net-http (0.6.0) sha256=9621b20c137898af9d890556848c93603716cab516dc2c89b01a38b894e259fb
+  net-http-persistent (4.0.5) sha256=6e42880b347e650ffeaf679ae59c9d5a6ed8a22cda6e1b959d9c270050aefa8e
   net-imap (0.5.6) sha256=1ede8048ee688a14206060bf37a716d18cb6ea00855f6c9b15daee97ee51fbe5
   net-pop (0.1.2) sha256=848b4e982013c15b2f0382792268763b748cce91c9e91e36b0f27ed26420dff3
   net-protocol (0.2.2) sha256=aa73e0cba6a125369de9837b8d8ef82a61849360eba0521900e2c3713aa162a8

app/assets/javascripts/nbp_wallet.js

@@ -0,0 +1,52 @@
+let templateValidity = 0;
+let intervalID;
+let timeoutID;
+
+const checkStatus = async () => {
+  try {
+    const response = await fetch(Routes.nbp_wallet_relationship_status_users_path());
+    const json = await response.json();
+
+    if (json.status === 'ready' && window.location.pathname === Routes.nbp_wallet_connect_users_path()) {
+      window.location.pathname = Routes.nbp_wallet_finalize_users_path();
+      return;
+    }
+  } catch (error) {
+    console.error(error);
+  }
+  timeoutID = setTimeout(checkStatus, 1000);
+};
+
+const countdownValidity = () => {
+  if (templateValidity > 0) {
+    templateValidity -= 1;
+  }
+  if (templateValidity === 0 && window.location.pathname === Routes.nbp_wallet_connect_users_path()) {
+    window.location.reload();
+  }
+};
+
+window.addEventListener("turbolinks:before-render", () => {
+  clearInterval(intervalID);
+  clearTimeout(timeoutID);
+});
+
+window.addEventListener("beforeunload", () => {
+  clearInterval(intervalID);
+  clearTimeout(timeoutID);
+});
+
+$(document).on('turbolinks:load', function () {
+  if (window.location.pathname !== Routes.nbp_wallet_connect_users_path()) {
+    return;
+  }
+
+  document.querySelector('[data-behavior=reload-on-click]').addEventListener('click', () => {
+    window.location.reload();
+  });
+
+  // Subtract 5 seconds to make sure the displayed code is always valid (accounting for loading times)
+  templateValidity = document.querySelector('[data-id="nbp_wallet_qr_code"]').dataset.remainingValidity - 5;
+  checkStatus();
+  intervalID = setInterval(countdownValidity, 1000);
+});

app/assets/stylesheets/users.css.scss

@@ -10,7 +10,7 @@
   display: inline;
 }
 
-img.nbp_wallet_qr_code {
+img.pixelated {
   image-rendering: pixelated;
   width: 100%;
 }

app/controllers/application_controller.rb

@@ -78,8 +78,7 @@ def render_error(message, status) # rubocop:disable Metrics/AbcSize
     set_sentry_context
     respond_to do |format|
       format.any do
-        # Prevent redirect loop
-        if request.url == request.referer || request.referer&.match?(new_user_session_path)
+        if redirect_loop? || unauthorized_nbp_request?(status)
           redirect_to :root, alert: message
         elsif current_user.nil? && status == :unauthorized
           store_location_for(:user, request.fullpath) if current_user.nil?
@@ -92,6 +91,14 @@ def render_error(message, status) # rubocop:disable Metrics/AbcSize
     end
   end
 
+  def redirect_loop?
+    request.url == request.referer || request.referer&.match?(new_user_session_path)
+  end
+
+  def unauthorized_nbp_request?(status)
+    current_user.nil? && status == :unauthorized && instance_of?(Users::NbpWalletController)
+  end
+
   def mnemosyne_trace
     yield
   ensure

app/controllers/users/nbp_wallet_controller.rb

@@ -7,11 +7,11 @@ class NbpWalletController < ApplicationController
     skip_after_action :verify_authorized
 
     def connect
-      if Enmeshed::Relationship.pending_for_nbp_uid(@provider_uid).present?
+      if Enmeshed::Relationship.pending_for(@provider_uid).present?
         redirect_to nbp_wallet_finalize_users_path and return
       end
 
-      @template = Enmeshed::RelationshipTemplate.create!(nbp_uid: @provider_uid)
+      @relationship_template = Enmeshed::RelationshipTemplate.create!(nbp_uid: @provider_uid)
     rescue Enmeshed::ConnectorError, Faraday::Error => e
       Sentry.capture_exception(e)
       Rails.logger.debug { e }
@@ -24,7 +24,7 @@ def qr_code
     end
 
     def relationship_status
-      if Enmeshed::Relationship.pending_for_nbp_uid(@provider_uid).present?
+      if Enmeshed::Relationship.pending_for(@provider_uid).present?
         render json: {status: :ready}
       else
         render json: {status: :waiting}
@@ -36,8 +36,8 @@ def relationship_status
     end
 
     def finalize
-      relationship = Enmeshed::Relationship.pending_for_nbp_uid(@provider_uid)
-      abort_and_refresh(relationship) and return if relationship.blank?
+      relationship = Enmeshed::Relationship.pending_for(@provider_uid)
+      return abort_and_refresh(relationship) if relationship.blank?
 
       accept_and_create_user(relationship)
     rescue Enmeshed::ConnectorError, Faraday::Error => e
@@ -63,6 +63,7 @@ def accept_and_create_user(relationship) # rubocop:disable Metrics/AbcSize
 
         if relationship.accept!
           user.send_confirmation_instructions
+          session.clear # Clear the session to prevent the user from accessing the NBP Wallet page again
           redirect_to home_index_path, notice: t('devise.registrations.signed_up_but_unconfirmed')
         else
           abort_and_refresh(relationship)
@@ -85,6 +86,9 @@ def abort_and_refresh(relationship, reason = t('common.errors.generic'))
     def require_user!
       @provider_uid = session[:saml_uid]
       raise Pundit::NotAuthorizedError unless @provider_uid.present? && session[:omniauth_provider] == 'nbp'
+      # Already registered users should not be able to access this page
+      raise Pundit::NotAuthorizedError if User.joins(:identities)
+        .exists?(identities: {omniauth_provider: 'nbp', provider_uid: @provider_uid})
     end
   end
 end

app/views/users/nbp_wallet/connect.html.slim

@@ -5,15 +5,21 @@
 
 .row
   .col-8.col-md-4.col-lg-3
-    = link_to @template.url
-      = image_tag @template.qr_code_path, data: {'template-validity': @template.remaining_validity&.seconds}, alt: t('.qr_code_alt_text'), class: 'img-fluid nbp_wallet_qr_code'
-    = button_tag class: 'btn btn-primary regenerate-qr-code-button w-100 mt-3' do
+    = link_to @relationship_template.url
+      = image_tag @relationship_template.qr_code_path,
+        data: {id: 'nbp_wallet_qr_code', 'remaining-validity': @relationship_template.remaining_validity.seconds},
+        alt: t('.qr_code_alt_text'),
+        class: 'img-fluid pixelated'
+    .btn.btn-primary.w-100.mt-3 data-behavior='reload-on-click'
       = t('.regenerate_code')
     = link_to destroy_user_session_path, method: :delete, class: 'btn btn-outline-danger w-100 mt-3'
       =  t('.cancel_registration')
   .col-8.col-md-6.mt-3.ms-md-3.mt-md-0
     p.fs-6
-      = t('.info_html', alternative_link: @template.url, app_store_link: @template.app_store_link, play_store_link: @template.play_store_link)
+      = t('.info_html',
+        alternative_link: @relationship_template.url,
+        app_store_link: @relationship_template.app_store_link,
+        play_store_link: @relationship_template.play_store_link)
 
 hr.mt-5
 h5

config/routes.rb

@@ -36,7 +36,7 @@
     collection do
       get '/nbp_wallet/connect', to: 'users/nbp_wallet#connect'
       get '/nbp_wallet/qr_code', to: 'users/nbp_wallet#qr_code'
-      get '/nbp_wallet/relationship_status', to: 'users/nbp_wallet#relationship_status'
+      get '/nbp_wallet/relationship_status', to: 'users/nbp_wallet#relationship_status', defaults: {format: :json}
       get '/nbp_wallet/finalize', to: 'users/nbp_wallet#finalize'
     end
   end