# frozen_string_literal: true class Auth::RegistrationsController < Devise::RegistrationsController layout :determine_layout before_action :set_invite, only: [:new, :create] before_action :set_challenge, only: [:new] before_action :check_enabled_registrations, only: [:new, :create] before_action :configure_sign_up_params, only: [:create] before_action :set_sessions, only: [:edit, :update] before_action :set_instance_presenter, only: [:new, :create, :update] before_action :set_body_classes, only: [:new, :create, :edit, :update] before_action :set_cache_headers, only: [:edit, :update] def new super(&:build_invite_request) end def create if session[:challenge_answer].to_s == params[:user][:challenge].to_s.strip # Reset after, may be errors to return and this ensures its still visible set_challenge super else return false end end def destroy not_found end protected def update_resource(resource, params) params[:password] = nil if Devise.pam_authentication && resource.encrypted_password.blank? super end def build_resource(hash = nil) super(hash) resource.locale = I18n.locale resource.invite_code = params[:invite_code] if resource.invite_code.blank? resource.agreement = true resource.current_sign_in_ip = request.remote_ip resource.build_account if resource.account.nil? end def configure_sign_up_params devise_parameter_sanitizer.permit(:sign_up) do |u| u.permit({ account_attributes: [:username], invite_request_attributes: [:text] }, :email, :password, :password_confirmation, :invite_code) end end def after_sign_up_path_for(_resource) new_user_session_path end def after_sign_in_path_for(_resource) set_invite if @invite&.autofollow? short_account_path(@invite.user.account) else super end end def after_inactive_sign_up_path_for(_resource) new_user_session_path end def after_update_path_for(_resource) edit_user_registration_path end def check_enabled_registrations redirect_to root_path if single_user_mode? || !allowed_registrations? end def allowed_registrations? Setting.registrations_mode != 'none' || @invite&.valid_for_use? end def invite_code if params[:user] params[:user][:invite_code] else params[:invite_code] end end private def set_instance_presenter @instance_presenter = InstancePresenter.new end def set_body_classes @body_classes = %w(edit update).include?(action_name) ? 'admin' : '' end def set_invite invite = invite_code.present? ? Invite.find_by(code: invite_code) : nil @invite = invite&.valid_for_use? ? invite : nil end def set_challenge @challenge_add_1 = rand(0...9) @challenge_add_2 = rand(0...9) session[:challenge_answer] = @challenge_add_1 + @challenge_add_2 end def determine_layout %w(edit update).include?(action_name) ? 'admin' : 'auth' end def set_sessions @sessions = current_user.session_activations end def set_cache_headers response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate' end end