Revert "Refine controllers"

This reverts commit 3e38630eb45ec494e25aa9fb3435e8b7655a60a6.
2024-11-30 10:44:21 +01:00 · 2024-11-30 10:44:21 +01:00 · a30328305f
commit a30328305f
parent 775e6146ab
3 changed files with 25 additions and 18 deletions
--- a/app/controllers/passwords_controller.rb
+++ b/app/controllers/passwords_controller.rb
@ -2,29 +2,34 @@

 class PasswordsController < ApplicationController
  allow_unauthenticated_access
-  before_action :set_user_by_token, only: :update
+  before_action :set_user_by_token, only: %i[ edit update ]
+
+  def new
+  end

  def create
    if user = User.find_by(email_address: params[:email_address])
      PasswordsMailer.reset(user).deliver_later
    end

-    render json: {}, status: :ok
+    redirect_to new_session_path, notice: "Password reset instructions sent (if user with that email address exists)."
+  end
+
+  def edit
  end

  def update
    if @user.update(params.permit(:password, :password_confirmation))
-      render json: {}, status: :ok
+      redirect_to new_session_path, notice: "Password has been reset."
    else
-      render json: { errors: @user.errors.full_messages }, status: :unprocessable_entity
+      redirect_to edit_password_path(params[:token]), alert: "Passwords did not match."
    end
  end

  private
-
-  def set_user_by_token
-    @user = User.find_by_password_reset_token!(params[:token])
-  rescue ActiveSupport::MessageVerifier::InvalidSignature
-    redirect_to new_password_path, alert: 'Password reset link is invalid or has expired.'
-  end
+    def set_user_by_token
+      @user = User.find_by_password_reset_token!(params[:token])
+    rescue ActiveSupport::MessageVerifier::InvalidSignature
+      redirect_to new_password_path, alert: "Password reset link is invalid or has expired."
+    end
 end
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -1,21 +1,23 @@
 # Copyright (C) 2024 Manuel Bustillo

 class SessionsController < ApplicationController
-  allow_unauthenticated_access only: :create
-  rate_limit to: 10, within: 3.minutes, only: :create,
-             with: -> { render json: { errors: ['Rate limit exceeded'] }, status: :too_many_requests }
+  allow_unauthenticated_access only: %i[ new create ]
+  rate_limit to: 10, within: 3.minutes, only: :create, with: -> { redirect_to new_session_url, alert: "Try again later." }
+
+  def new
+  end

  def create
    if user = User.authenticate_by(params.permit(:email_address, :password))
      start_new_session_for user
-      render json: {}, status: :created
+      redirect_to after_authentication_url
    else
-      render json: { errors: ['Invalid email address or password'] }, status: :unauthorized
+      redirect_to new_session_path, alert: "Try another email address or password."
    end
  end

  def destroy
    terminate_session
-    render json: {}, status: :ok
+    redirect_to new_session_path
  end
 end
--- a/config/routes.rb
+++ b/config/routes.rb
@ -1,8 +1,8 @@
 # Copyright (C) 2024 Manuel Bustillo

 Rails.application.routes.draw do
-  resource :session, only: %i[create destroy]
-  resources :passwords, param: :token, only: %w[create update]
+  resource :session
+  resources :passwords, param: :token
  mount Rswag::Ui::Engine => '/api-docs'
  mount Rswag::Api::Engine => '/api-docs'
  resources :groups, only: :index