2021-03-02 02:39:47 +09:00
# frozen_string_literal: true
class Api :: V1 :: Emails :: ConfirmationsController < Api :: BaseController
2023-05-17 01:03:52 +09:00
before_action - > { authorize_if_got_token! :read , :'read:accounts' } , only : :check
before_action - > { doorkeeper_authorize! :write , :'write:accounts' } , except : :check
before_action :require_user_owned_by_application! , except : :check
before_action :require_user_not_confirmed! , except : :check
2023-07-02 07:05:44 +09:00
before_action :require_authenticated_user! , only : :check
2021-03-02 02:39:47 +09:00
def create
2021-06-03 04:07:50 +09:00
current_user . update! ( email : params [ :email ] ) if params . key? ( :email )
current_user . resend_confirmation_instructions
2021-03-25 10:46:13 +09:00
2021-03-02 02:39:47 +09:00
render_empty
end
2023-05-17 01:03:52 +09:00
def check
render json : current_user . confirmed?
end
2021-03-02 02:39:47 +09:00
private
def require_user_owned_by_application!
2023-02-20 11:16:40 +09:00
render json : { error : 'This method is only available to the application the user originally signed-up with' } , status : 403 unless current_user && current_user . created_by_application_id == doorkeeper_token . application_id
2021-03-02 02:39:47 +09:00
end
2021-06-03 04:07:50 +09:00
def require_user_not_confirmed!
2023-02-20 11:16:40 +09:00
render json : { error : 'This method is only available while the e-mail is awaiting confirmation' } , status : 403 unless ! current_user . confirmed? || current_user . unconfirmed_email . present?
2021-06-03 04:07:50 +09:00
end
2021-03-02 02:39:47 +09:00
end