From 63b984c2230c043165feeb7c5b7bf6903f3da30b Mon Sep 17 00:00:00 2001 From: Rob Sterner Date: Tue, 15 Oct 2024 20:18:13 -0400 Subject: [PATCH 1/5] redirect away from /settings --- app/controllers/settings_controller.rb | 7 +++++++ config/routes.rb | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 app/controllers/settings_controller.rb diff --git a/app/controllers/settings_controller.rb b/app/controllers/settings_controller.rb new file mode 100644 index 0000000..87a8005 --- /dev/null +++ b/app/controllers/settings_controller.rb @@ -0,0 +1,7 @@ +class SettingsController < ApplicationController + + before_action :require_user! + def show + redirect_to settings_profile_url + end +end diff --git a/config/routes.rb b/config/routes.rb index 8ec5011..a5e5fd5 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -39,7 +39,7 @@ resource :avatars, only: [:destroy] - resource :settings, only: [:show, :update], controller: "settings" do + resource :settings do resource :company, only: [:show, :update], controller: "settings/company" resource :billing_information, only: [:show, :edit, :update], controller: "settings/billing_information" resource :subscription, only: [:new], controller: "settings/subscriptions" From 6f566fe8453a1461751bd105fe36e83603c751a5 Mon Sep 17 00:00:00 2001 From: Rob Sterner Date: Tue, 15 Oct 2024 20:18:24 -0400 Subject: [PATCH 2/5] redirect to my staffplan from / --- app/controllers/application_controller.rb | 10 ++++++++++ app/controllers/dashboard_controller.rb | 1 + 2 files changed, 11 insertions(+) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 40c464b..e9f9f95 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb 
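Review bot: Dropping `only:` from `resource :settings` in config/routes.rb makes Rails generate every singular-resource route (new, create, edit, update, destroy) for a SettingsController that, per this patch, defines only `show`. Requests to those extra routes would reach a controller with no matching action. Since the controller exists only to redirect, I would keep the route surface explicit with `resource :settings, only: [:show] do`. The option does not affect the nested resources inside the block.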
@@ -62,4 +62,14 @@ def set_paper_trail_whodunnit return unless current_user PaperTrail.request.whodunnit = current_user.id end + + def my_staffplan_url + case Rails.env + when "production" + "https://ui.staffplan.com/people/#{current_user.id}" + else + "https://localhost:8080/people/#{current_user.id}" + end + end + helper_method :my_staffplan_url end diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb index d81383f..fc17c57 100644 --- a/app/controllers/dashboard_controller.rb +++ b/app/controllers/dashboard_controller.rb @@ -2,6 +2,7 @@ class DashboardController < ApplicationController before_action :require_user! def show + redirect_to my_staffplan_url, allow_other_host: true end def switch_account From a6db8390da1ae4414cb15501601a389edbad5933 Mon Sep 17 00:00:00 2001 From: Rob Sterner Date: Tue, 15 Oct 2024 20:33:51 -0400 Subject: [PATCH 3/5] fix up specs re: redirects --- spec/system/authentications_spec.rb | 6 +++--- spec/system/signup_spec.rb | 5 ++--- spec/system/user_management_spec.rb | 4 ++-- 3 files changed, 7 insertions(+), 8 deletions(-) diff --git a/spec/system/authentications_spec.rb b/spec/system/authentications_spec.rb index c1f6927..d247d55 100644 --- a/spec/system/authentications_spec.rb +++ b/spec/system/authentications_spec.rb @@ -50,7 +50,7 @@ click_button "Sign in" fill_in "passwordless[token]", with: token click_button "Confirm" - expect(page).to have_current_path(root_path) + expect(page).to have_current_path("/people/#{user.id}") end it "signs them in after clicking the link in the email" do @@ -63,7 +63,7 @@ # click the link in the email visit confirm_auth_sign_in_path(user.passwordless_sessions.last.identifier, token) - expect(page).to have_current_path(root_path) + expect(page).to have_current_path("/people/#{user.id}") end end 
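Review bot: `my_staffplan_url` in application_controller.rb hard-codes both redirect hosts and chooses between them on `Rails.env`, so every non-production environment (staging, test, CI) sends users to port 8080 on localhost. Reading the base URL from per-environment configuration keeps the redirect target in one reviewed place, e.g. `"#{Rails.configuration.x.staffplan_ui_url}/people/#{current_user.id}"` (setting name constructed for illustration). The method is also exposed through `helper_method` and calls `current_user.id` without the nil guard that `set_paper_trail_whodunnit` uses just above, so a view rendered for a signed-out visitor would raise. A comment stating that it requires a signed-in user, or an early `return unless current_user`, would make that contract explicit. The enclosing class starts outside this hunk.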
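Review bot: `allow_other_host: true` in `DashboardController#show` switches off Rails' cross-host redirect check for this call, and nothing at the call site says why that is safe. It is safe only because `my_staffplan_url` is assembled from a fixed host and `current_user.id`. I would record that next to the call, e.g. `# target is built server-side from a fixed host and current_user.id, never from request parameters`. That gives the next editor a reason not to pass a user-supplied destination through the same line.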
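Review bot: The new expectation `have_current_path("/people/#{user.id}")` in authentications_spec.rb is given a bare path, and Capybara then compares only the path, so these specs would still pass if the redirect went to a different host. The same applies to the hunk at -90 in this file and to the changed expectations in signup_spec.rb and user_management_spec.rb. Since the behaviour under test is now a cross-host redirect, I would assert the full URL that `my_staffplan_url` returns in the test environment, e.g. `expect(page).to have_current_path(expected_url, url: true)` (`expected_url` is a placeholder). A request spec that checks the `Location` header would cover the same ground.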
@@ -90,7 +90,7 @@ click_button "Sign in" fill_in "passwordless[token]", with: token click_button "Confirm" - expect(page).to have_current_path(root_path) + expect(page).to have_current_path("/people/#{user.id}") # sign yourself out visit auth_sign_out_path diff --git a/spec/system/signup_spec.rb b/spec/system/signup_spec.rb index 4dcdff1..fa922be 100644 --- a/spec/system/signup_spec.rb +++ b/spec/system/signup_spec.rb @@ -102,9 +102,8 @@ it "should confirm the registration and sign the user in" do registration = create(:registration) visit register_registration_path(registration.reload, token: registration.token) - - expect(page).to have_current_path(root_path) - expect(page).to have_content("Thanks for registering! You're now signed in.") + user = User.find_by!(email: registration.email) + expect(page).to have_current_path("/people/#{user.id}") end it "should mark the registration as having registered?" do diff --git a/spec/system/user_management_spec.rb b/spec/system/user_management_spec.rb index 04c1586..9b45392 100644 --- a/spec/system/user_management_spec.rb +++ b/spec/system/user_management_spec.rb @@ -28,7 +28,7 @@ visit settings_users_url - expect(page).to have_current_path(root_path) + expect(page).to have_current_path("/people/#{membership.user_id}") end end @@ -69,4 +69,4 @@ expect(page).to have_text("Email is invalid") end end -end \ No newline at end of file +end From f729e39d6c3ad0412900091cfe8b5a4448345187 Mon Sep 17 00:00:00 2001 From: Rob Sterner Date: Tue, 15 Oct 2024 20:52:52 -0400 Subject: [PATCH 4/5] redirect to my staffplan on sign in --- app/controllers/application_controller.rb | 2 +- config/initializers/passwordless.rb | 11 +++++++++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index e9f9f95..2784622 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb 
@@ -68,7 +68,7 @@ def my_staffplan_url when "production" "https://ui.staffplan.com/people/#{current_user.id}" else - "https://localhost:8080/people/#{current_user.id}" + "http://localhost:8080/people/#{current_user.id}" end end helper_method :my_staffplan_url diff --git a/config/initializers/passwordless.rb b/config/initializers/passwordless.rb index c3d91c1..3472365 100644 --- a/config/initializers/passwordless.rb +++ b/config/initializers/passwordless.rb @@ -9,8 +9,15 @@ config.redirect_back_after_sign_in = true # When enabled the user will be redirected to their previous page, or a page specified by the `destination_path` query parameter, if available. config.redirect_to_response_options = {} # Additional options for redirects. - config.success_redirect_path = '/' # After a user successfully signs in + config.success_redirect_path = -> (current_user) { + case Rails.env + when 'production' + "https://ui.staffplan.com/people/#{current_user.id}" + else + "http://localhost:8080/people/#{current_user.id}" + end + } config.failure_redirect_path = '/' # After a sign in fails config.sign_out_redirect_path = '/' # After a user signs out config.paranoid = true -end \ No newline at end of file +end From ce3e93180e9b34d41a96defe17987bdfa4d83918 Mon Sep 17 00:00:00 2001 From: Rob Sterner Date: Tue, 15 Oct 2024 21:21:57 -0400 Subject: [PATCH 5/5] revert passwordless-based redirect, send to dashboard#show. try to tighten up stripe redirect --- app/controllers/sessions_controller.rb | 10 ++++++++++ app/controllers/settings/subscriptions_controller.rb | 3 ++- config/initializers/passwordless.rb | 11 ++--------- 3 files changed, 14 insertions(+), 10 deletions(-) diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index cb6a9c3..b14b61c 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb 
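Review bot: The lambda assigned to `config.success_redirect_path` in config/initializers/passwordless.rb is a second copy of the host literals in `ApplicationController#my_staffplan_url`, so the two redirect targets can drift apart. It also returns an absolute URL on another host while `config.redirect_to_response_options` stays `{}`. If the app has Rails' open-redirect protection enabled, that redirect is likely to be rejected unless `allow_other_host: true` is supplied there; this is worth confirming against the gem version in use, which is not visible here. Per the comment on `redirect_back_after_sign_in`, a previous page or `destination_path` parameter is used when available, so the lambda may not apply to every sign-in.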
@@ -9,4 +9,14 @@ def require_params redirect_to auth_sign_in_url, alert: "Sorry, please try that again." end end + + def my_staffplan_url(current_user) + case Rails.env + when "production" + "https://ui.staffplan.com/people/#{current_user.id}" + else + "http://localhost:8080/people/#{current_user.id}" + end + end + helper_method :my_staffplan_url end diff --git a/app/controllers/settings/subscriptions_controller.rb b/app/controllers/settings/subscriptions_controller.rb index bc75343..0c2d6d1 100644 --- a/app/controllers/settings/subscriptions_controller.rb +++ b/app/controllers/settings/subscriptions_controller.rb @@ -34,6 +34,7 @@ def new render json: { 'error': { message: e.message } }, status: 400 and return end - redirect_to session.url, status: 303, allow_other_host: true + # allow_other_host will be true if redirecting to *stripe.com + redirect_to session.url, status: 303, allow_other_host: session.url.match(/https:\/\/.*stripe\.com/) end end diff --git a/config/initializers/passwordless.rb b/config/initializers/passwordless.rb index 3472365..fa6fbca 100644 --- a/config/initializers/passwordless.rb +++ b/config/initializers/passwordless.rb @@ -8,15 +8,8 @@ config.timeout_at = lambda { 10.minutes.from_now } # How long until a token/magic link times out. config.redirect_back_after_sign_in = true # When enabled the user will be redirected to their previous page, or a page specified by the `destination_path` query parameter, if available. - config.redirect_to_response_options = {} # Additional options for redirects. - config.success_redirect_path = -> (current_user) { - case Rails.env - when 'production' - "https://ui.staffplan.com/people/#{current_user.id}" - else - "http://localhost:8080/people/#{current_user.id}" - end - } + config.redirect_to_response_options = {} + config.success_redirect_path = "/" config.failure_redirect_path = '/' # After a sign in fails config.sign_out_redirect_path = '/' # After a user signs out config.paranoid = true
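Review bot: `my_staffplan_url(current_user)` in sessions_controller.rb repeats the host literals from `ApplicationController#my_staffplan_url` with a different arity, and its parameter shadows the `current_user` helper. If SessionsController inherits from ApplicationController (the class line is outside the hunk), this definition and its `helper_method` registration replace the zero-argument version for this controller's views, where a call without an argument would raise ArgumentError. Nothing in the visible hunks calls the new method. I would keep a single definition, for example by giving the existing one an optional argument: `def my_staffplan_url(user = current_user)`.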
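Review bot: The pattern in `session.url.match(/https:\/\/.*stripe\.com/)` is unanchored and `.*` can span the whole URL, so it accepts any URL containing `https://` with `stripe.com` somewhere after it (in a path, a query string, or as a label of a longer hostname) and does not actually restrict the redirect host. Comparing the parsed host is stricter: `host = URI.parse(session.url).host.to_s` followed by `redirect_to session.url, status: 303, allow_other_host: host == "stripe.com" || host.end_with?(".stripe.com")`. `session.url` appears to come from the Stripe call earlier in `new`, which starts outside the hunk, so this is defence in depth rather than a fix for a known-bad input. When the check is false, `redirect_to` with an external URL would presumably raise rather than fall back, so that branch should return an explicit error response.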