mirror of
https://github.com/heartcombo/devise.git
synced 2022-11-09 12:18:31 -05:00
78f137368c
This brings support for Rails 4 StrongParameters changes. - Parameter sanitizing is setup for Devise controllers via resource_params except Omniauth Callbacks which doesn't use resource_params. - Change #build_resource to not call resource_params for get requests. Parameter sanitizing is only needed when params are posted to the server so there's no need to try to construct resource params on get requests (new, edit).
42 lines
1.3 KiB
Ruby
42 lines
1.3 KiB
Ruby
class Devise::ConfirmationsController < DeviseController
|
|
# GET /resource/confirmation/new
|
|
def new
|
|
build_resource({})
|
|
end
|
|
|
|
# POST /resource/confirmation
|
|
def create
|
|
self.resource = resource_class.send_confirmation_instructions(resource_params)
|
|
|
|
if successfully_sent?(resource)
|
|
respond_with({}, :location => after_resending_confirmation_instructions_path_for(resource_name))
|
|
else
|
|
respond_with(resource)
|
|
end
|
|
end
|
|
|
|
# GET /resource/confirmation?confirmation_token=abcdef
|
|
def show
|
|
self.resource = resource_class.confirm_by_token(params[:confirmation_token])
|
|
|
|
if resource.errors.empty?
|
|
set_flash_message(:notice, :confirmed) if is_navigational_format?
|
|
sign_in(resource_name, resource)
|
|
respond_with_navigational(resource){ redirect_to after_confirmation_path_for(resource_name, resource) }
|
|
else
|
|
respond_with_navigational(resource.errors, :status => :unprocessable_entity){ render :new }
|
|
end
|
|
end
|
|
|
|
protected
|
|
|
|
# The path used after resending confirmation instructions.
|
|
def after_resending_confirmation_instructions_path_for(resource_name)
|
|
new_session_path(resource_name)
|
|
end
|
|
|
|
# The path used after confirmation.
|
|
def after_confirmation_path_for(resource_name, resource)
|
|
after_sign_in_path_for(resource)
|
|
end
|
|
end
|