Merge pull request #373 from munen/feature/88031948/emails-confirmable

emails need to be confirmed

app/assets/stylesheets/main.scss

@@ -124,6 +124,26 @@ span[class^="icon-"]{
   }
 }
 
+.notice {
+  position: absolute;
+  z-index:10000;
+  top:30px;
+  right: 50%;
+  margin-right: -200px;
+  width: 400px;
+  text-align: center;
+  > div{
+    background: #F9EDBE;
+    color: black;
+    font-size: 0.8rem;
+    font-weight: bold;
+    padding: 3px 6px;
+    border: 1px solid #F0C36D;
+    display: inline-block;
+    border-radius: 2px;
+  }
+}
+
 .error{
   label{
     color: $color-black-title;

app/controllers/users/omniauth_callbacks_controller.rb

@@ -8,11 +8,11 @@ def facebook
     @user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)
 
     unless @user.valid?
-      logger.warn("OmniAuthCallbacks#facebook - user invalid: @user.inspect")
+      logger.warn("OmniAuthCallbacks#facebook - user invalid: #{@user.errors.inspect}")
       flash[:error] = @user.errors.full_message(:email, "is in use")
       redirect_to new_user_registration_url and return
     end
-    
+
     if @user.persisted?
       flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Facebook"
       remember_me(@user)

app/models/user.rb

@@ -61,16 +61,10 @@ class User < ActiveRecord::Base
 
   acts_as_token_authenticatable
 
-  # Include default devise modules. Others available are:
-  # :token_authenticatable, :confirmable,
-  # :lockable, :timeoutable and :omniauthable
-  # see config/initializers/warden.rb for overwritten
-  # callbacks in case of authentication or logout
-  # to set the default online/offline/busy - state of user
   devise :database_authenticatable, :registerable, :omniauthable,
-    :recoverable, :rememberable, :trackable, :validatable #, :timeoutable
+    :recoverable, :rememberable, :trackable, :validatable, :confirmable
 
-  validates :email, uniqueness: true, presence: true
+  validates :email, uniqueness: true
   validates :firstname, presence: true, length: { minimum: 1, maximum: 100 }
   validates :lastname, presence: true, length: { minimum: 1, maximum: 100 }
   validates :summary, length: { maximum: 255 }
@@ -110,15 +104,17 @@ class << self
     def find_for_facebook_oauth(auth, signed_in_resource=nil)
       user = User.where(:provider => auth[:provider], :uid => auth[:uid]).first
       unless user
-        user = User.create( lastname: auth[:extra][:raw_info][:last_name],
+        user = User.new( lastname: auth[:extra][:raw_info][:last_name],
                             firstname: auth[:extra][:raw_info][:first_name],
                             provider: auth[:provider],
                             website: auth[:info][:urls][:Facebook],
                             uid: auth[:uid],
                             email: auth[:info][:email],
                             password: Devise.friendly_token[0,20] )
+        user.confirm!
       end
-      user
+
+      user.reload
     end
   end
 
@@ -191,4 +187,10 @@ def set_penalty!(penalty, deep=true)
     venues.each { |venue| venue.set_penalty!(penalty) }
   end
 
+  protected
+
+  def reconfirmation_required?
+    provider != 'facebook' && super
+  end
+
 end

app/views/devise/confirmations/new.html.haml

@@ -0,0 +1,17 @@
+.top-margin-action-bar.row
+  .large-12.columns
+    %h2(style='color: black') Resend confirmation instructions
+
+    = form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f|
+      = devise_error_messages!
+
+      %div
+        = f.label :email
+        %br
+        = f.email_field :email
+
+      %div= f.submit "Resend confirmation instructions", class: 'button-vr'
+
+    %br
+    %br
+    = render "devise/shared/links"

app/views/layouts/application.html.erb

@@ -24,6 +24,7 @@
   <body class="<%= [controller_name, action_name] * '-' %>">
     <%= render "shared/how_to_use_vr" %>
     <%= render "shared/actionbar" %>
+    <%= render "shared/unconfirmed" if @current_user && !@current_user.confirmed? %>
     <%= render "shared/notice_or_error" %>
 
     <%= yield %>

app/views/shared/_unconfirmed.html.haml

@@ -0,0 +1,4 @@
+.notice.row
+  .medium-12.columns
+    .flash-warning
+      = t('.notice')

config/initializers/devise.rb

@@ -92,7 +92,7 @@
   # able to access the website for two days without confirming his account,
   # access will be blocked just in the third day. Default is 0.days, meaning
   # the user cannot access the website without confirming his account.
-  # config.allow_unconfirmed_access_for = 2.days
+  config.allow_unconfirmed_access_for = 3.days
 
   # If true, requires any email changes to be confirmed (exactly the same way as
   # initial account confirmation) to be applied. Requires additional unconfirmed_email

config/locales/en.yml

@@ -737,6 +737,10 @@ en:
       recently_archived: RECENTLY ARCHIVED
       no_results: Sorry, no results.
   shared:
+    unconfirmed:
+      notice: |
+        You haven't confirmed your email address, yet. Please check
+        your emails and follow the link we sent you.
     how_to_use_vr:
       create_talk: Create Talk
       check_pricing: Check our pricing

db/migrate/20150216154221_add_confirmability_to_users.rb

@@ -0,0 +1,13 @@
+class AddConfirmabilityToUsers < ActiveRecord::Migration
+
+  def change
+    change_table(:users) do |t|
+      # Confirmable
+      t.string   :confirmation_token
+      t.datetime :confirmed_at
+      t.datetime :confirmation_sent_at
+      t.string   :unconfirmed_email # Only if using reconfirmable
+    end
+  end
+
+end

db/migrate/20150217112720_add_index_and_data_migration_to_users.rb

@@ -0,0 +1,10 @@
+class AddIndexAndDataMigrationToUsers < ActiveRecord::Migration
+  def change
+
+    add_index :users, :confirmation_token, unique: true
+
+    # set all existing users to confirmed
+    execute("UPDATE users SET confirmed_at = NOW()")
+
+  end
+end

db/schema.rb

@@ -64,8 +64,8 @@
   create_table "comments", force: true do |t|
     t.text     "content"
     t.integer  "user_id",          null: false
-    t.datetime "created_at"
-    t.datetime "updated_at"
+    t.datetime "created_at",       null: false
+    t.datetime "updated_at",       null: false
     t.integer  "commentable_id"
     t.string   "commentable_type"
   end
@@ -110,8 +110,8 @@
   create_table "participations", force: true do |t|
     t.integer  "venue_id"
     t.integer  "user_id"
-    t.datetime "created_at"
-    t.datetime "updated_at"
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
   end
 
   add_index "participations", ["user_id"], name: "index_participations_on_user_id", using: :btree
@@ -211,8 +211,9 @@
     t.string   "language",           default: "en"
     t.string   "slug"
     t.string   "speakers"
-    t.string   "user_override_uuid"
+    t.string   "slides_uid"
     t.text     "edit_config"
+    t.string   "user_override_uuid"
     t.float    "popularity",         default: 1.0
     t.float    "penalty",            default: 1.0
   end
@@ -225,8 +226,8 @@
   create_table "users", force: true do |t|
     t.string   "firstname"
     t.string   "lastname"
-    t.datetime "created_at"
-    t.datetime "updated_at"
+    t.datetime "created_at",                           null: false
+    t.datetime "updated_at",                           null: false
     t.string   "email",                  default: "",  null: false
     t.string   "encrypted_password",     default: "",  null: false
     t.string   "reset_password_token"
@@ -252,18 +253,23 @@
     t.integer  "default_venue_id"
     t.string   "summary"
     t.float    "penalty",                default: 1.0
+    t.string   "confirmation_token"
+    t.datetime "confirmed_at"
+    t.datetime "confirmation_sent_at"
+    t.string   "unconfirmed_email"
   end
 
   add_index "users", ["authentication_token"], name: "index_users_on_authentication_token", using: :btree
+  add_index "users", ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true, using: :btree
   add_index "users", ["email"], name: "index_users_on_email", unique: true, using: :btree
   add_index "users", ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true, using: :btree
   add_index "users", ["slug"], name: "index_users_on_slug", unique: true, using: :btree
 
   create_table "venues", force: true do |t|
     t.text     "description"
     t.string   "title"
-    t.datetime "created_at"
-    t.datetime "updated_at"
+    t.datetime "created_at",                       null: false
+    t.datetime "updated_at",                       null: false
     t.string   "teaser"
     t.integer  "user_id"
     t.text     "options",     default: "--- {}\n"

spec/controllers/users_controller_spec.rb

@@ -56,4 +56,6 @@
     end
   end
 
+
+
 end

spec/factories.rb

@@ -1,4 +1,6 @@
 # Read about factories at https://github.com/thoughtbot/factory_girl
+
+# TODO remove faker, it slows things down, while not having any benefits!
 require 'faker'
 
 include ActionDispatch::TestProcess
@@ -14,7 +16,16 @@
     user
   end
 
+  # the default user is a confirmed user, if you need an unconfirmed
+  # user use the trait `unconfirmed`, as in...
+  #
+  #   FactoryGirl.create(:user, :unconfirmed)
+  #
   factory :user do
+    ignore do
+      unconfirmed false
+    end
+
     email { Faker::Internet.email }
     firstname { Faker::Name.first_name }
     lastname { Faker::Name.last_name }
@@ -23,6 +34,14 @@
     password secret
     password_confirmation secret
     timezone 'Berlin'
+
+    trait :unconfirmed do
+      unconfirmed true
+    end
+
+    after(:create) do |user, evaluator|
+      user.confirm! unless evaluator.unconfirmed
+    end
   end
 
   factory :comment do

spec/features/users_spec.rb

@@ -158,6 +158,7 @@
       page.click_link 'REGISTER WITH FACEBOOK'
       page.should have_content "Successfully authenticated from Facebook account"
       User.where(guest: nil).count.should eq(1)
+      User.last.email.should_not be_nil
     end
 
     scenario 'user logs in with facebook' do

spec/models/talk_spec.rb

@@ -230,8 +230,9 @@
   end
 
   it 'does not send email with option no_emails' do
+    user = FactoryGirl.create(:user)
     ActionMailer::Base.deliveries = []
-    venue = FactoryGirl.create(:venue, options: { no_email: true })
+    venue = FactoryGirl.create(:venue, user: user, options: { no_email: true })
     talk = FactoryGirl.create(:talk, venue: venue)
     ActionMailer::Base.deliveries.should be_empty
   end

spec/models/user_spec.rb

@@ -16,6 +16,13 @@
     FactoryGirl.build(:user, lastname: nil).should_not be_valid
   end
 
+  it 'should be confirmable' do
+    user = FactoryGirl.create(:user, :unconfirmed)
+    expect(user).to_not be_confirmed
+    user.confirm!
+    expect(user).to be_confirmed
+  end
+
   describe 'determines its role to a given talk' do
     let(:user) { FactoryGirl.create(:user) }
     it 'detects being a host' do