demarches-normaliennes/app/controllers/administrateurs/activate_controller.rb

require 'zxcvbn'

class Administrateurs::ActivateController < ApplicationController
  include TrustedDeviceConcern

  def new
    @administrateur = Administrateur.find_inactive_by_token(params[:token])

    if @administrateur
      # the administrateur activates its account from an email
      trust_device(Time.zone.now)
    else
      flash.alert = "Le lien de validation d'administrateur a expiré, #{helpers.contact_link('contactez-nous', tags: 'lien expiré')} pour obtenir un nouveau lien."
      redirect_to root_path
    end
  end

  def create
    password = update_administrateur_params[:password]
    administrateur = Administrateur.reset_password(
      update_administrateur_params[:reset_password_token],
      password
    )

    if administrateur && administrateur.errors.empty?
      sign_in(administrateur, scope: :administrateur)
      try_to_authenticate(User, administrateur.email, password)
      try_to_authenticate(Gestionnaire, administrateur.email, password)
      flash.notice = "Mot de passe enregistré"
      redirect_to admin_procedures_path
    else
      flash.alert = administrateur.errors.full_messages
      redirect_to admin_activate_path(token: update_administrateur_params[:reset_password_token])
    end
  end

  def test_password_strength
    @score = Zxcvbn.test(params[:administrateur][:password], [], ZXCVBN_DICTIONNARIES).score
  end

  private

  def update_administrateur_params
    params.require(:administrateur).permit(:reset_password_token, :password)
  end

  def try_to_authenticate(klass, email, password)
    resource = klass.find_for_database_authentication(email: email)

    if resource&.valid_password?(password)
      sign_in resource
      resource.force_sync_credentials
    end
  end
end
[Fix #1285] Create an endpoint to check password strength 2018-09-26 09:01:33 +02:00			`require 'zxcvbn'`

Create administrateurs with invitation link and no password 2018-01-11 14:18:17 +01:00			`class Administrateurs::ActivateController < ApplicationController`
Session: add trusted_device cookie 2018-10-30 18:24:29 +01:00			`include TrustedDeviceConcern`

Create administrateurs with invitation link and no password 2018-01-11 14:18:17 +01:00			`def new`
			`@administrateur = Administrateur.find_inactive_by_token(params[:token])`

Session: add trusted_device cookie 2018-10-30 18:24:29 +01:00			`if @administrateur`
			`# the administrateur activates its account from an email`
Fix sentry 230 2019-02-19 12:40:19 +01:00			`trust_device(Time.zone.now)`
Session: add trusted_device cookie 2018-10-30 18:24:29 +01:00			`else`
Use helpers rather then view_context 2018-09-18 12:06:27 +02:00			`flash.alert = "Le lien de validation d'administrateur a expiré, #{helpers.contact_link('contactez-nous', tags: 'lien expiré')} pour obtenir un nouveau lien."`
Create administrateurs with invitation link and no password 2018-01-11 14:18:17 +01:00			`redirect_to root_path`
			`end`
			`end`

			`def create`
After activating an admin account, log them into all of their roles 2018-04-11 17:15:44 +02:00			`password = update_administrateur_params[:password]`
Create administrateurs with invitation link and no password 2018-01-11 14:18:17 +01:00			`administrateur = Administrateur.reset_password(`
			`update_administrateur_params[:reset_password_token],`
After activating an admin account, log them into all of their roles 2018-04-11 17:15:44 +02:00			`password`
Create administrateurs with invitation link and no password 2018-01-11 14:18:17 +01:00			`)`

			`if administrateur && administrateur.errors.empty?`
			`sign_in(administrateur, scope: :administrateur)`
After activating an admin account, log them into all of their roles 2018-04-11 17:15:44 +02:00			`try_to_authenticate(User, administrateur.email, password)`
			`try_to_authenticate(Gestionnaire, administrateur.email, password)`
Create administrateurs with invitation link and no password 2018-01-11 14:18:17 +01:00			`flash.notice = "Mot de passe enregistré"`
			`redirect_to admin_procedures_path`
			`else`
			`flash.alert = administrateur.errors.full_messages`
			`redirect_to admin_activate_path(token: update_administrateur_params[:reset_password_token])`
			`end`
			`end`

[Fix #1285] Create an endpoint to check password strength 2018-09-26 09:01:33 +02:00			`def test_password_strength`
Replace password strength js with ujs 2018-09-27 15:11:22 +02:00			`@score = Zxcvbn.test(params[:administrateur][:password], [], ZXCVBN_DICTIONNARIES).score`
[Fix #1285] Create an endpoint to check password strength 2018-09-26 09:01:33 +02:00			`end`

Create administrateurs with invitation link and no password 2018-01-11 14:18:17 +01:00			`private`

			`def update_administrateur_params`
			`params.require(:administrateur).permit(:reset_password_token, :password)`
			`end`
After activating an admin account, log them into all of their roles 2018-04-11 17:15:44 +02:00
			`def try_to_authenticate(klass, email, password)`
			`resource = klass.find_for_database_authentication(email: email)`

			`if resource&.valid_password?(password)`
			`sign_in resource`
			`resource.force_sync_credentials`
			`end`
			`end`
Create administrateurs with invitation link and no password 2018-01-11 14:18:17 +01:00			`end`