Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proper way for magic link to confirm using Devise confirmable #58

Open
wilg opened this issue Apr 19, 2024 · 5 comments
Open

Proper way for magic link to confirm using Devise confirmable #58

wilg opened this issue Apr 19, 2024 · 5 comments

Comments

@wilg
Copy link

wilg commented Apr 19, 2024

I have both magic_link_authenticatable and confirmable. However, I want to handle the case where the user never confirms their email, but does click the magic link. This should just mark the user as confirmed, since of course they just received the email. It doesn't appear to work this way by default, and I'm not sure where to hook in. It seems like maybe its getting caught by confirmable first.
@wilg
Copy link
Author

wilg commented Apr 20, 2024
edited

I could not figure out how to do it the way I originally described, but I overrode the controller so that attempting to send a magic link to an unconfirmed user just sends them the confirmation email instead.

class Users::Passwordless::SessionsController < Devise::Passwordless::SessionsController
  def create
    user = resource_class.find_by(email: create_params[:email])
    if !user || user.confirmed?
      super
    else
      user.send_confirmation_instructions
      set_flash_message!(:notice, :magic_link_sent)
      redirect_to(after_magic_link_sent_path_for(resource), status: devise_redirect_status)
    end
  end
end

@wilg wilg mentioned this issue Apr 29, 2024
Open
@iainbeeston
Copy link
Contributor

I'd try something like this instead, which avoids duplicating the code in the passwordless controllers

class Users::MagicLinksController < Devise::MagicLinksController
  def show
    super do |resource|
      resource.confirm unless resource.confirmed?
    end
  end
end

@wilg
Copy link
Author

wilg commented Apr 29, 2024

@iainbeeston Unfortunately, that does not work for me. Devise catches it before it gets to the controller code and flashes "You have to confirm your email address before continuing." Digging around in the internals it seems quite difficult to change this behavior.

@abevoelker
Copy link
Owner

abevoelker commented Apr 30, 2024
edited

not at my dev machine to test this but try something like this

class User
  def after_magic_link_authentication
    unless confirmed?
      skip_confirmation!
      save!
    end
  end
end

@abevoelker
Copy link
Owner

(Copying and pasting this to all open issues/PRs:)

Hey all, per #64 I unfortunately won't have much time for the foreseeable future to maintain devise-passwordless to fix the open bugs and work on new features. I'm not abandoning this project, but due to some life issues it's just at the bottom of my priority list for now.

Anyone who wants to step up and be a maintainer to shepherd the project forward would be welcomed! I just ask that you've opened a PR, or written an issue, or can otherwise demonstrate some familiarity/competence with the project. You can reply to #64 or message me privately (through email or socials since GitHub doesn't have DMs) if interested. Thank you ✌️

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@wilg @iainbeeston @abevoelker