From 7d48c294d6b298329516559e1a95655783e6f3b0 Mon Sep 17 00:00:00 2001 From: simon lehericey Date: Mon, 9 Dec 2024 11:23:41 +0100 Subject: [PATCH 1/3] fix: password_complexity check must use a post verb --- config/routes.rb | 2 +- spec/controllers/password_complexity_controller_spec.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/config/routes.rb b/config/routes.rb index 47fdf2df4..d1295c2cd 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -171,7 +171,7 @@ Rails.application.routes.draw do get 'logout' => 'users/sessions#logout' end - get 'password_complexity' => 'password_complexity#show', as: 'show_password_complexity' + post 'password_complexity' => 'password_complexity#show', as: 'show_password_complexity' get 'check_email' => 'email_checker#show', as: 'show_email_suggestions' resources :targeted_user_links, only: [:show] diff --git a/spec/controllers/password_complexity_controller_spec.rb b/spec/controllers/password_complexity_controller_spec.rb index 7f8696757..4733f1edc 100644 --- a/spec/controllers/password_complexity_controller_spec.rb +++ b/spec/controllers/password_complexity_controller_spec.rb @@ -6,7 +6,7 @@ describe PasswordComplexityController, type: :controller do { user: { password: 'motDePasseTropFacile' } } end - subject { get :show, format: :turbo_stream, params: params } + subject { post :show, format: :turbo_stream, params: params } it 'computes a password score' do subject From 84f301cdb8b4afaf2d7550c7a9eb331fc03a884d Mon Sep 17 00:00:00 2001 From: simon lehericey Date: Mon, 9 Dec 2024 11:24:34 +0100 Subject: [PATCH 2/3] fix: turbo_input js controller can accept a method in option --- app/javascript/controllers/turbo_input_controller.tsx | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/app/javascript/controllers/turbo_input_controller.tsx b/app/javascript/controllers/turbo_input_controller.tsx index e2ad35db3..2c08333ee 100644 --- a/app/javascript/controllers/turbo_input_controller.tsx +++ b/app/javascript/controllers/turbo_input_controller.tsx @@ -5,10 +5,12 @@ import { ApplicationController } from './application_controller'; export class TurboInputController extends ApplicationController { static values = { url: String, + method: { type: String, default: 'get' }, loadOnConnect: { type: Boolean, default: false } }; declare readonly urlValue: string; + declare readonly methodValue: string; declare readonly loadOnConnectValue: boolean; connect(): void { @@ -22,6 +24,8 @@ export class TurboInputController extends ApplicationController { const target = this.element as HTMLInputElement; const url = new URL(this.urlValue, document.baseURI); url.searchParams.append(target.name, target.value); - httpRequest(url.toString()).turbo(); + httpRequest(url.toString(), { + method: this.methodValue + }).turbo(); } } From 0b67eb511b902073df43e33f3e92902bf13eaee8 Mon Sep 17 00:00:00 2001 From: simon lehericey Date: Mon, 9 Dec 2024 11:25:22 +0100 Subject: [PATCH 3/3] fix: all password check views use the new post route --- .../activate_account_form_component.html.haml | 7 ++++++- app/views/administrateurs/activate/new.html.haml | 7 ++++++- app/views/devise/passwords/edit.html.haml | 7 ++++++- app/views/experts/avis/sign_up.html.haml | 8 +++++++- app/views/gestionnaires/activate/new.html.haml | 7 ++++++- app/views/users/registrations/new.html.haml | 8 +++++++- 6 files changed, 38 insertions(+), 6 deletions(-) diff --git a/app/components/instructeurs/activate_account_form_component/activate_account_form_component.html.haml b/app/components/instructeurs/activate_account_form_component/activate_account_form_component.html.haml index c92729a6f..368a1012a 100644 --- a/app/components/instructeurs/activate_account_form_component/activate_account_form_component.html.haml +++ b/app/components/instructeurs/activate_account_form_component/activate_account_form_component.html.haml @@ -16,7 +16,12 @@ .fr-fieldset__element = render Dsfr::InputComponent.new(form: f, attribute: :password, input_type: :password_field, - opts: { autofocus: 'true', autocomplete: 'new-password', data: { controller: 'turbo-input', turbo_input_url_value: show_password_complexity_path }, aria: {describedby: 'password_hint'}}) + opts: { autofocus: 'true', + autocomplete: 'new-password', + data: { controller: 'turbo-input', + turbo_input_url_value: show_password_complexity_path, + turbo_input_method_value: 'post' }, + aria: {describedby: 'password_hint'}}) #password_complexity = render PasswordComplexityComponent.new diff --git a/app/views/administrateurs/activate/new.html.haml b/app/views/administrateurs/activate/new.html.haml index 0dca181ed..3de3fdaee 100644 --- a/app/views/administrateurs/activate/new.html.haml +++ b/app/views/administrateurs/activate/new.html.haml @@ -18,7 +18,12 @@ .fr-fieldset__element = render Dsfr::InputComponent.new(form: f, attribute: :password, input_type: :password_field, - opts: { autofocus: 'true', autocomplete: 'new-password', data: { controller: 'turbo-input', turbo_input_url_value: show_password_complexity_path }, aria: {describedby: 'password_hint'}}) + opts: { autofocus: 'true', + autocomplete: 'new-password', + data: { controller: 'turbo-input', + turbo_input_url_value: show_password_complexity_path, + turbo_input_method_value: 'post' }, + aria: {describedby: 'password_hint'}}) #password_complexity = render PasswordComplexityComponent.new diff --git a/app/views/devise/passwords/edit.html.haml b/app/views/devise/passwords/edit.html.haml index 4227eaea8..8f353643b 100644 --- a/app/views/devise/passwords/edit.html.haml +++ b/app/views/devise/passwords/edit.html.haml @@ -21,7 +21,12 @@ .fr-fieldset__element = render Dsfr::InputComponent.new(form: f, attribute: :password, input_type: :password_field, - opts: { autofocus: 'true', autocomplete: 'new-password', data: { controller: 'turbo-input', turbo_input_url_value: show_password_complexity_path }, aria: {describedby: 'password_hint'}}) + opts: { autofocus: 'true', + autocomplete: 'new-password', + data: { controller: 'turbo-input', + turbo_input_url_value: show_password_complexity_path, + turbo_input_method_value: 'post' }, + aria: {describedby: 'password_hint'}}) #password_complexity = render PasswordComplexityComponent.new diff --git a/app/views/experts/avis/sign_up.html.haml b/app/views/experts/avis/sign_up.html.haml index 72d5da9ea..82efdd776 100644 --- a/app/views/experts/avis/sign_up.html.haml +++ b/app/views/experts/avis/sign_up.html.haml @@ -14,7 +14,13 @@ .fr-fieldset__element = render Dsfr::InputComponent.new(form: f, attribute: :password, input_type: :password_field, - opts: { autofocus: 'true', autocomplete: 'new-password', data: { controller: 'turbo-input', turbo_input_url_value: show_password_complexity_path }, aria: {describedby: 'password_hint'}}) + opts: { autofocus: 'true', + autocomplete: 'new-password', + data: { controller: 'turbo-input', + turbo_input_url_value: show_password_complexity_path, + turbo_input_method_value: 'post', + }, + aria: {describedby: 'password_hint'}}) #password_complexity = render PasswordComplexityComponent.new diff --git a/app/views/gestionnaires/activate/new.html.haml b/app/views/gestionnaires/activate/new.html.haml index 5f91c40ea..11481c821 100644 --- a/app/views/gestionnaires/activate/new.html.haml +++ b/app/views/gestionnaires/activate/new.html.haml @@ -18,7 +18,12 @@ .fr-fieldset__element = render Dsfr::InputComponent.new(form: f, attribute: :password, input_type: :password_field, - opts: { autofocus: 'true', autocomplete: 'new-password', data: { controller: 'turbo-input', turbo_input_url_value: show_password_complexity_path }, aria: {describedby: 'password_hint'}}) + opts: { autofocus: 'true', + autocomplete: 'new-password', + data: { controller: 'turbo-input', + turbo_input_url_value: show_password_complexity_path, + turbo_input_method_value: 'post' }, + aria: {describedby: 'password_hint'}}) #password_complexity = render PasswordComplexityComponent.new diff --git a/app/views/users/registrations/new.html.haml b/app/views/users/registrations/new.html.haml index 41e5c23ea..efe63138b 100644 --- a/app/views/users/registrations/new.html.haml +++ b/app/views/users/registrations/new.html.haml @@ -20,7 +20,13 @@ .fr-fieldset__element = render Dsfr::InputComponent.new(form: f, attribute: :password, input_type: :password_field, - opts: { autofocus: 'true', autocomplete: 'new-password', data: { controller: 'turbo-input', turbo_input_url_value: show_password_complexity_path, email_input_target: 'next'}, aria: {describedby: 'password_hint'}}) + opts: { autofocus: 'true', + autocomplete: 'new-password', + data: { controller: 'turbo-input', + turbo_input_url_value: show_password_complexity_path, + turbo_input_method_value: 'post', + email_input_target: 'next' }, + aria: {describedby: 'password_hint'}}) #password_complexity = render PasswordComplexityComponent.new