Skip to content

Commit

Permalink
Merge pull request #384 from neutronz/feature/allow-ovverrides-for-cu…
Browse files Browse the repository at this point in the history 
…stom-json

Implement hook methods for customized json rendering
  • Loading branch information
@lynndylanhurley
lynndylanhurley committed Sep 24, 2015
2 parents 76da2da + 53cfe4b commit 2a3cb88
Show file tree
Hide file tree
Showing 13 changed files with 364 additions and 144 deletions.
41 changes: 40 additions & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -667,6 +667,45 @@ module Overrides
end
~~~

## Overriding rendering methods
To customize json rendering, implement the following protected controller methods, for success methods, assume that the @resource object is available:

### Registrations Controller
* render_create_error_missing_confirm_success_url
* render_create_error_redirect_url_not_allowed
* render_create_success
* render_create_error
* render_create_error_email_already_exists
* render_update_success
* render_update_error
* render_update_error_user_not_found


### Sessions Controller
* render_new_error
* render_create_success
* render_create_error_not_confirmed
* render_create_error_bad_credentials
* render_destroy_success
* render_destroy_error


### Passwords Controller
* render_create_error_missing_email
* render_create_error_missing_redirect_url
* render_create_error_not_allowed_redirect_url
* render_create_success
* render_create_error
* render_update_error_unauthorized
* render_update_error_password_not_required
* render_update_error_missing_password
* render_update_success
* render_update_error

### Token Validations Controller
* render_validate_token_success
* render_validate_token_error

##### Example: all :controller options with default settings:

~~~ruby
Expand Down Expand Up @@ -883,7 +922,7 @@ To run just one test:
2. Run `bundle install`
3. Run `rake db:migrate`
4. Run `RAILS_ENV=test rake db:migrate`
5. See this link for various ways to run a single file or a single test: http://flavio.castelli.name/2010/05/28/rails_execute_single_test/
5. See this link for various ways to run a single file or a single test: http://flavio.castelli.name/2010/05/28/rails_execute_single_test/

# License
This project uses the WTFPL
169 changes: 106 additions & 63 deletions app/controllers/devise_token_auth/passwords_controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,41 +7,31 @@ class PasswordsController < DeviseTokenAuth::ApplicationController
# sending emails
def create
unless resource_params[:email]
return render json: {
success: false,
errors: [I18n.t("devise_token_auth.passwords.missing_email")]
}, status: 401
return render_create_error_missing_email
end

# give redirect value from params priority
redirect_url = params[:redirect_url]
@redirect_url = params[:redirect_url]

# fall back to default value if provided
redirect_url ||= DeviseTokenAuth.default_password_reset_url
@redirect_url ||= DeviseTokenAuth.default_password_reset_url

unless redirect_url
return render json: {
success: false,
errors: [I18n.t("devise_token_auth.passwords.missing_redirect_url")]
}, status: 401
unless @redirect_url
return render_create_error_missing_redirect_url
end

# if whitelist is set, validate redirect_url against whitelist
if DeviseTokenAuth.redirect_whitelist
unless DeviseTokenAuth.redirect_whitelist.include?(redirect_url)
return render json: {
status: 'error',
data: @resource.as_json,
errors: [I18n.t("devise_token_auth.passwords.not_allowed_redirect_url", redirect_url: redirect_url)]
}, status: 403
unless DeviseTokenAuth.redirect_whitelist.include?(@redirect_url)
return render_create_error_not_allowed_redirect_url
end
end

# honor devise configuration for case_insensitive_keys
if resource_class.case_insensitive_keys.include?(:email)
email = resource_params[:email].downcase
@email = resource_params[:email].downcase
else
email = resource_params[:email]
@email = resource_params[:email]
end

q = "uid = ? AND provider='email'"
Expand All @@ -51,42 +41,35 @@ def create
q = "BINARY uid = ? AND provider='email'"
end

@resource = resource_class.where(q, email).first
@resource = resource_class.where(q, @email).first

errors = nil
error_status = 400
@errors = nil
@error_status = 400

if @resource
yield if block_given?
@resource.send_reset_password_instructions({
email: email,
email: @email,
provider: 'email',
redirect_url: redirect_url,
redirect_url: @redirect_url,
client_config: params[:config_name]
})

if @resource.errors.empty?
render json: {
success: true,
message: I18n.t("devise_token_auth.passwords.sended", email: email)
}
return render_create_success
else
errors = @resource.errors
@errors = @resource.errors
end
else
errors = [I18n.t("devise_token_auth.passwords.user_not_found", email: email)]
error_status = 404
@errors = [I18n.t("devise_token_auth.passwords.user_not_found", email: @email)]
@error_status = 404
end

if errors
render json: {
success: false,
errors: errors,
}, status: error_status
if @errors
return render_create_error
end
end


# this is where users arrive after visiting the password reset confirmation link
def edit
@resource = resource_class.reset_password_by_token({
Expand Down Expand Up @@ -117,51 +100,31 @@ def edit
config: params[:config]
}))
else
render json: {
success: false
}, status: 404
render_edit_error
end
end

def update
# make sure user is authorized
unless @resource
return render json: {
success: false,
errors: ['Unauthorized']
}, status: 401
return render_update_error_unauthorized
end

# make sure account doesn't use oauth2 provider
unless @resource.provider == 'email'
return render json: {
success: false,
errors: [I18n.t("devise_token_auth.passwords.password_not_required", provider: @resource.provider.humanize)]
}, status: 422
return render_update_error_password_not_required
end

# ensure that password params were sent
unless password_resource_params[:password] and password_resource_params[:password_confirmation]
return render json: {
success: false,
errors: [I18n.t("devise_token_auth.passwords.missing_passwords")]
}, status: 422
return render_update_error_missing_password
end

if @resource.send(resource_update_method, password_resource_params)
yield if block_given?
return render json: {
success: true,
data: {
user: @resource,
message: I18n.t("devise_token_auth.passwords.successfully_updated")
}
}
return render_update_success
else
return render json: {
success: false,
errors: @resource.errors.to_hash.merge(full_messages: @resource.errors.full_messages)
}, status: 422
return render_update_error
end
end

Expand All @@ -175,6 +138,86 @@ def resource_update_method
end
end

def render_create_error_missing_email
render json: {
success: false,
errors: [I18n.t("devise_token_auth.passwords.missing_email")]
}, status: 401
end

def render_create_error_missing_redirect_url
render json: {
success: false,
errors: [I18n.t("devise_token_auth.passwords.missing_redirect_url")]
}, status: 401
end

def render_create_error_not_allowed_redirect_url
render json: {
status: 'error',
data: @resource.as_json,
errors: [I18n.t("devise_token_auth.passwords.not_allowed_redirect_url", redirect_url: @redirect_url)]
}, status: 403
end

def render_create_success
render json: {
success: true,
message: I18n.t("devise_token_auth.passwords.sended", email: @email)
}
end

def render_create_error
render json: {
success: false,
errors: @errors,
}, status: @error_status
end

def render_edit_error
render json: {
success: false
}, status: 404
end

def render_update_error_unauthorized
render json: {
success: false,
errors: ['Unauthorized']
}, status: 401
end

def render_update_error_password_not_required
render json: {
success: false,
errors: [I18n.t("devise_token_auth.passwords.password_not_required", provider: @resource.provider.humanize)]
}, status: 422
end

def render_update_error_missing_password
render json: {
success: false,
errors: [I18n.t("devise_token_auth.passwords.missing_passwords")]
}, status: 422
end

def render_update_success
render json: {
success: true,
data: {
user: @resource,
message: I18n.t("devise_token_auth.passwords.successfully_updated")
}
}
end

def render_update_error
return render json: {
success: false,
errors: @resource.errors.to_hash.merge(full_messages: @resource.errors.full_messages)
}, status: 422
end

private

def resource_params
Expand Down
Loading

0 comments on commit 2a3cb88

Please sign in to comment.