2024-04-29 00:17:15 +02:00
|
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2019-08-09 17:32:13 +02:00
|
|
|
|
class Users::SessionsController < Devise::SessionsController
|
2019-01-14 16:25:48 +01:00
|
|
|
|
include ProcedureContextConcern
|
2018-10-30 18:24:29 +01:00
|
|
|
|
include TrustedDeviceConcern
|
|
|
|
|
include ActionView::Helpers::DateHelper
|
|
|
|
|
|
2023-05-25 15:19:55 +02:00
|
|
|
|
layout 'login', only: [:new, :create]
|
2019-01-08 08:20:49 +01:00
|
|
|
|
|
2019-01-14 16:25:48 +01:00
|
|
|
|
before_action :restore_procedure_context, only: [:new, :create]
|
2023-08-30 11:11:02 +02:00
|
|
|
|
skip_before_action :redirect_if_untrusted, only: [:reset_link_sent]
|
2018-01-15 19:14:09 +01:00
|
|
|
|
# POST /resource/sign_in
|
2015-10-07 14:19:16 +02:00
|
|
|
|
def create
|
2019-08-16 15:51:10 +02:00
|
|
|
|
user = User.find_by(email: params[:user][:email])
|
2015-10-07 14:19:16 +02:00
|
|
|
|
|
2019-08-16 15:51:10 +02:00
|
|
|
|
if user&.valid_password?(params[:user][:password])
|
2019-08-16 16:47:46 +02:00
|
|
|
|
user.update(loged_in_with_france_connect: nil)
|
2024-04-08 21:45:04 +02:00
|
|
|
|
user.update_preferred_domain(Current.host) if helpers.switch_domain_enabled?(request)
|
2016-10-11 11:12:45 +02:00
|
|
|
|
end
|
2019-08-16 16:47:46 +02:00
|
|
|
|
|
|
|
|
|
super
|
2023-12-19 10:25:10 +01:00
|
|
|
|
if current_account.count > 1
|
|
|
|
|
flash[:notice] = t("devise.sessions.signed_in_multiple_profile", roles: current_account.keys.map { |role| t("layouts.#{role}") }.join(', '))
|
|
|
|
|
end
|
2015-10-07 14:19:16 +02:00
|
|
|
|
end
|
2015-09-23 10:02:01 +02:00
|
|
|
|
|
2023-08-29 16:41:45 +02:00
|
|
|
|
def reset_link_sent
|
2023-08-30 10:44:59 +02:00
|
|
|
|
if send_login_token_or_bufferize(current_instructeur)
|
2024-03-20 11:34:54 +01:00
|
|
|
|
flash[:notice] = "Nous venons de vous renvoyer un nouveau lien de connexion sécurisée à #{Current.application_name}"
|
2023-08-30 10:44:59 +02:00
|
|
|
|
end
|
2024-02-27 18:52:59 +01:00
|
|
|
|
|
|
|
|
|
signed_email = message_verifier.generate(current_instructeur.email, purpose: :reset_link, expires_in: 1.hour)
|
|
|
|
|
redirect_to link_sent_path(email: signed_email)
|
2023-08-29 16:41:45 +02:00
|
|
|
|
end
|
|
|
|
|
|
2018-10-03 11:11:02 +02:00
|
|
|
|
def link_sent
|
2024-02-27 18:52:59 +01:00
|
|
|
|
email = message_verifier.verify(params[:email], purpose: :reset_link) rescue nil
|
|
|
|
|
|
|
|
|
|
if StrictEmailValidator::REGEXP.match?(email)
|
|
|
|
|
@email = email
|
2021-12-15 13:44:12 +01:00
|
|
|
|
else
|
|
|
|
|
redirect_to root_path
|
|
|
|
|
end
|
2018-10-03 11:11:02 +02:00
|
|
|
|
end
|
|
|
|
|
|
2017-06-12 15:12:51 +02:00
|
|
|
|
# DELETE /resource/sign_out
|
2015-10-07 16:38:29 +02:00
|
|
|
|
def destroy
|
2016-10-11 11:12:45 +02:00
|
|
|
|
if user_signed_in?
|
|
|
|
|
connected_with_france_connect = current_user.loged_in_with_france_connect
|
2024-03-18 11:16:10 +01:00
|
|
|
|
agent_connect_id_token = current_user&.instructeur&.agent_connect_id_token
|
2015-10-07 16:38:29 +02:00
|
|
|
|
|
2024-03-18 10:55:08 +01:00
|
|
|
|
current_user.update(loged_in_with_france_connect: nil)
|
2024-03-18 11:16:10 +01:00
|
|
|
|
current_user&.instructeur&.update(agent_connect_id_token: nil)
|
|
|
|
|
|
2016-10-11 11:12:45 +02:00
|
|
|
|
sign_out :user
|
|
|
|
|
|
2024-03-18 10:55:08 +01:00
|
|
|
|
if connected_with_france_connect == User.loged_in_with_france_connects.fetch(:particulier)
|
|
|
|
|
return redirect_to FRANCE_CONNECT[:particulier][:logout_endpoint], allow_other_host: true
|
2016-10-11 11:12:45 +02:00
|
|
|
|
end
|
2024-03-18 11:16:10 +01:00
|
|
|
|
|
|
|
|
|
if agent_connect_id_token.present?
|
|
|
|
|
return redirect_to build_agent_connect_logout_url(agent_connect_id_token), allow_other_host: true
|
|
|
|
|
end
|
2015-10-07 16:38:29 +02:00
|
|
|
|
end
|
2016-10-11 11:12:45 +02:00
|
|
|
|
|
|
|
|
|
respond_to_on_destroy
|
2015-10-07 16:38:29 +02:00
|
|
|
|
end
|
2015-09-23 10:02:01 +02:00
|
|
|
|
|
2016-05-26 15:59:50 +02:00
|
|
|
|
def no_procedure
|
2019-01-14 16:25:48 +01:00
|
|
|
|
clear_stored_location_for(:user)
|
2016-05-26 15:59:50 +02:00
|
|
|
|
redirect_to new_user_session_path
|
|
|
|
|
end
|
|
|
|
|
|
2018-10-03 11:11:02 +02:00
|
|
|
|
def sign_in_by_link
|
2019-08-06 11:02:54 +02:00
|
|
|
|
instructeur = Instructeur.find(params[:id])
|
|
|
|
|
trusted_device_token = instructeur
|
2019-02-02 22:16:11 +01:00
|
|
|
|
.trusted_device_tokens
|
|
|
|
|
.find_by(token: params[:jeton])
|
|
|
|
|
|
2019-08-27 10:21:06 +02:00
|
|
|
|
if trusted_device_token.nil?
|
|
|
|
|
flash[:alert] = 'Votre lien est invalide.'
|
|
|
|
|
|
|
|
|
|
redirect_to root_path
|
|
|
|
|
elsif trusted_device_token.token_valid?
|
2019-02-04 11:57:50 +01:00
|
|
|
|
trust_device(trusted_device_token.created_at)
|
|
|
|
|
|
|
|
|
|
period = ((trusted_device_token.created_at + TRUSTED_DEVICE_PERIOD) - Time.zone.now).to_i / ActiveSupport::Duration::SECONDS_PER_DAY
|
|
|
|
|
|
|
|
|
|
flash.notice = "Merci d’avoir confirmé votre connexion. Votre navigateur est maintenant authentifié pour #{period} jours."
|
2018-10-30 18:24:29 +01:00
|
|
|
|
|
2018-11-22 18:11:00 +01:00
|
|
|
|
# redirect to procedure'url if stored by store_location_for(:user) in dossiers_controller
|
|
|
|
|
# redirect to root_path otherwise
|
2019-02-01 17:17:10 +01:00
|
|
|
|
|
2019-08-06 11:02:54 +02:00
|
|
|
|
if instructeur_signed_in?
|
2019-02-01 17:17:10 +01:00
|
|
|
|
redirect_to after_sign_in_path_for(:user)
|
|
|
|
|
else
|
|
|
|
|
redirect_to new_user_session_path
|
|
|
|
|
end
|
2018-10-03 11:11:02 +02:00
|
|
|
|
else
|
2019-08-27 10:21:06 +02:00
|
|
|
|
flash[:alert] = 'Votre lien est expiré, un nouveau vient de vous être envoyé.'
|
2019-02-01 17:17:10 +01:00
|
|
|
|
|
2019-08-06 11:02:54 +02:00
|
|
|
|
send_login_token_or_bufferize(instructeur)
|
|
|
|
|
redirect_to link_sent_path(email: instructeur.email)
|
2018-10-03 11:11:02 +02:00
|
|
|
|
end
|
|
|
|
|
end
|
2024-03-18 10:19:30 +01:00
|
|
|
|
|
|
|
|
|
# agent connect callback
|
|
|
|
|
def logout
|
|
|
|
|
redirect_to root_path, notice: I18n.t('devise.sessions.signed_out')
|
|
|
|
|
end
|
2024-03-18 11:16:10 +01:00
|
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
|
|
def build_agent_connect_logout_url(id_token)
|
|
|
|
|
h = { id_token_hint: id_token, post_logout_redirect_uri: logout_url }
|
2024-03-19 11:14:57 +01:00
|
|
|
|
"#{AGENT_CONNECT[:end_session_endpoint]}?#{h.to_query}"
|
2024-03-18 11:16:10 +01:00
|
|
|
|
end
|
2015-09-23 10:02:01 +02:00
|
|
|
|
end
|