2015-12-09 15:10:11 +01:00
|
|
|
|
class Users::SessionsController < Sessions::SessionsController
|
2018-10-30 18:24:29 +01:00
|
|
|
|
include TrustedDeviceConcern
|
|
|
|
|
include ActionView::Helpers::DateHelper
|
|
|
|
|
|
2017-06-12 15:12:51 +02:00
|
|
|
|
# GET /resource/sign_in
|
2016-02-15 17:13:16 +01:00
|
|
|
|
def new
|
2018-01-11 19:04:39 +01:00
|
|
|
|
if user_return_to_procedure_id.present? # WTF ?
|
2016-06-09 17:49:38 +02:00
|
|
|
|
@dossier = Dossier.new(procedure: Procedure.active(user_return_to_procedure_id))
|
2016-05-26 15:59:50 +02:00
|
|
|
|
end
|
|
|
|
|
|
2016-02-15 17:13:16 +01:00
|
|
|
|
@user = User.new
|
2016-05-26 15:59:50 +02:00
|
|
|
|
rescue ActiveRecord::RecordNotFound
|
|
|
|
|
error_procedure
|
2016-02-15 17:13:16 +01:00
|
|
|
|
end
|
2015-09-23 10:02:01 +02:00
|
|
|
|
|
2018-01-15 19:14:09 +01:00
|
|
|
|
# POST /resource/sign_in
|
2015-10-07 14:19:16 +02:00
|
|
|
|
def create
|
2017-03-07 10:15:33 +01:00
|
|
|
|
remember_me = params[:user][:remember_me] == '1'
|
|
|
|
|
try_to_authenticate(User, remember_me)
|
|
|
|
|
try_to_authenticate(Gestionnaire, remember_me)
|
|
|
|
|
try_to_authenticate(Administrateur, remember_me)
|
2015-10-07 14:19:16 +02:00
|
|
|
|
|
2016-10-11 11:12:45 +02:00
|
|
|
|
if user_signed_in?
|
2019-01-09 11:18:53 +01:00
|
|
|
|
current_user.update(loged_in_with_france_connect: nil)
|
2016-10-11 11:12:45 +02:00
|
|
|
|
end
|
|
|
|
|
|
2018-10-03 11:11:02 +02:00
|
|
|
|
if gestionnaire_signed_in?
|
2018-11-08 17:14:24 +01:00
|
|
|
|
if trusted_device? || !current_gestionnaire.feature_enabled?(:enable_email_login_token)
|
2018-11-08 14:39:23 +01:00
|
|
|
|
set_flash_message :notice, :signed_in
|
2018-11-16 15:07:04 +01:00
|
|
|
|
redirect_to after_sign_in_path_for(:user)
|
2018-10-30 18:24:29 +01:00
|
|
|
|
else
|
|
|
|
|
gestionnaire = current_gestionnaire
|
2019-01-10 10:41:03 +01:00
|
|
|
|
|
|
|
|
|
send_login_token_or_bufferize(gestionnaire)
|
2018-10-03 11:11:02 +02:00
|
|
|
|
|
2018-10-30 18:24:29 +01:00
|
|
|
|
[:user, :gestionnaire, :administrateur].each { |role| sign_out(role) }
|
2018-10-03 11:11:02 +02:00
|
|
|
|
|
2018-10-30 18:24:29 +01:00
|
|
|
|
redirect_to link_sent_path(email: gestionnaire.email)
|
|
|
|
|
end
|
2018-10-03 11:11:02 +02:00
|
|
|
|
elsif user_signed_in?
|
2018-11-08 14:39:23 +01:00
|
|
|
|
set_flash_message :notice, :signed_in
|
2016-10-11 11:12:45 +02:00
|
|
|
|
redirect_to after_sign_in_path_for(:user)
|
|
|
|
|
else
|
2017-01-02 09:38:49 +01:00
|
|
|
|
flash.alert = 'Mauvais couple login / mot de passe'
|
2016-10-11 11:12:45 +02:00
|
|
|
|
new
|
|
|
|
|
render :new, status: 401
|
|
|
|
|
end
|
2015-10-07 14:19:16 +02:00
|
|
|
|
end
|
2015-09-23 10:02:01 +02:00
|
|
|
|
|
2018-10-03 11:11:02 +02:00
|
|
|
|
def link_sent
|
|
|
|
|
@email = params[:email]
|
|
|
|
|
end
|
|
|
|
|
|
2017-06-12 15:12:51 +02:00
|
|
|
|
# DELETE /resource/sign_out
|
2015-10-07 16:38:29 +02:00
|
|
|
|
def destroy
|
2018-10-01 13:24:37 +02:00
|
|
|
|
if gestionnaire_signed_in?
|
|
|
|
|
sign_out :gestionnaire
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
if administrateur_signed_in?
|
|
|
|
|
sign_out :administrateur
|
|
|
|
|
end
|
2015-10-07 16:38:29 +02:00
|
|
|
|
|
2016-10-11 11:12:45 +02:00
|
|
|
|
if user_signed_in?
|
|
|
|
|
connected_with_france_connect = current_user.loged_in_with_france_connect
|
2018-03-02 16:27:03 +01:00
|
|
|
|
current_user.update(loged_in_with_france_connect: '')
|
2015-10-07 16:38:29 +02:00
|
|
|
|
|
2016-10-11 11:12:45 +02:00
|
|
|
|
sign_out :user
|
|
|
|
|
|
2017-04-05 10:22:37 +02:00
|
|
|
|
case connected_with_france_connect
|
2018-08-28 11:41:37 +02:00
|
|
|
|
when User.loged_in_with_france_connects.fetch(:particulier)
|
2018-01-11 14:04:24 +01:00
|
|
|
|
redirect_to FRANCE_CONNECT[:particulier][:logout_endpoint]
|
2016-10-11 11:12:45 +02:00
|
|
|
|
return
|
|
|
|
|
end
|
2015-10-07 16:38:29 +02:00
|
|
|
|
end
|
2016-10-11 11:12:45 +02:00
|
|
|
|
|
|
|
|
|
respond_to_on_destroy
|
2015-10-07 16:38:29 +02:00
|
|
|
|
end
|
2015-09-23 10:02:01 +02:00
|
|
|
|
|
2016-05-26 15:59:50 +02:00
|
|
|
|
def no_procedure
|
|
|
|
|
session['user_return_to'] = nil
|
|
|
|
|
redirect_to new_user_session_path
|
|
|
|
|
end
|
|
|
|
|
|
2018-10-03 11:11:02 +02:00
|
|
|
|
def sign_in_by_link
|
|
|
|
|
gestionnaire = Gestionnaire.find(params[:id])
|
|
|
|
|
if gestionnaire&.login_token_valid?(params[:jeton])
|
2018-10-30 18:24:29 +01:00
|
|
|
|
trust_device
|
|
|
|
|
flash.notice = "Merci d’avoir confirmé votre connexion. Votre navigateur est maintenant authentifié pour #{TRUSTED_DEVICE_PERIOD.to_i / ActiveSupport::Duration::SECONDS_PER_DAY} jours."
|
|
|
|
|
|
2018-10-03 11:11:02 +02:00
|
|
|
|
user = User.find_by(email: gestionnaire.email)
|
|
|
|
|
administrateur = Administrateur.find_by(email: gestionnaire.email)
|
|
|
|
|
[user, gestionnaire, administrateur].compact.each { |resource| sign_in(resource) }
|
|
|
|
|
|
2018-11-22 18:11:00 +01:00
|
|
|
|
# redirect to procedure'url if stored by store_location_for(:user) in dossiers_controller
|
|
|
|
|
# redirect to root_path otherwise
|
|
|
|
|
redirect_to after_sign_in_path_for(:user)
|
2018-10-03 11:11:02 +02:00
|
|
|
|
else
|
|
|
|
|
flash[:alert] = 'Votre lien est invalide ou expiré, veuillez-vous reconnecter.'
|
|
|
|
|
redirect_to new_user_session_path
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2016-05-26 15:59:50 +02:00
|
|
|
|
private
|
2015-09-23 10:02:01 +02:00
|
|
|
|
|
2019-01-10 10:41:03 +01:00
|
|
|
|
def send_login_token_or_bufferize(gestionnaire)
|
|
|
|
|
if !gestionnaire.young_login_token?
|
|
|
|
|
login_token = gestionnaire.login_token!
|
|
|
|
|
GestionnaireMailer.send_login_token(gestionnaire, login_token).deliver_later
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2016-05-26 15:59:50 +02:00
|
|
|
|
def error_procedure
|
2017-11-21 10:10:19 +01:00
|
|
|
|
session["user_return_to"] = nil
|
2016-05-26 15:59:50 +02:00
|
|
|
|
flash.alert = t('errors.messages.procedure_not_found')
|
|
|
|
|
redirect_to url_for root_path
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def user_return_to_procedure_id
|
2018-10-01 13:24:37 +02:00
|
|
|
|
if session["user_return_to"].nil?
|
|
|
|
|
return nil
|
|
|
|
|
end
|
2016-05-26 15:59:50 +02:00
|
|
|
|
|
|
|
|
|
NumberService.to_number session["user_return_to"].split("?procedure_id=").second
|
|
|
|
|
end
|
2016-10-11 11:12:45 +02:00
|
|
|
|
|
2017-03-07 10:15:33 +01:00
|
|
|
|
def try_to_authenticate(klass, remember_me = false)
|
2018-03-06 12:01:45 +01:00
|
|
|
|
resource = klass.find_for_database_authentication(email: params[:user][:email])
|
|
|
|
|
|
|
|
|
|
if resource.present?
|
2016-10-11 11:12:45 +02:00
|
|
|
|
if resource.valid_password?(params[:user][:password])
|
2017-03-07 10:15:33 +01:00
|
|
|
|
resource.remember_me = remember_me
|
2016-10-11 11:12:45 +02:00
|
|
|
|
sign_in resource
|
2017-02-07 16:56:21 +01:00
|
|
|
|
resource.force_sync_credentials
|
2016-10-11 11:12:45 +02:00
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
2015-09-23 10:02:01 +02:00
|
|
|
|
end
|