espoo-dev · leonardobrito · Jun 8, 2023 · Jun 8, 2023 · Jun 8, 2023 · Jun 8, 2023
diff --git a/backend-rails/.env.sample b/backend-rails/.env.sample
@@ -1,7 +1,9 @@
 SERVER_HOST=localhost
-PASSWORD_RESET_URL=http://127.0.0.1:3000
+PASSWORD_RESET_URL=http://localhost:3000/auth/reset_password
 SENDGRID_API_KEY=
 AWS_ACCESS_KEY_ID=
 AWS_SECRET_ACCESS_KEY=
 S3_BUCKET_NAME=
 AWS_BUCKET_REGION=
+LAUNCHY_DRY_RUN=true
+BROWSER=/dev/null
diff --git a/backend-rails/Gemfile b/backend-rails/Gemfile
@@ -15,6 +15,7 @@ gem 'devise_token_auth', '~> 1.2', git: 'https://github.com/lynndylanhurley/devi
 gem 'draper', '~> 4.0', '>= 4.0.1'
 gem 'exception_hunter', '~> 1.0', '>= 1.0.1'
 gem 'jbuilder', '~> 2.10'
+gem 'jquery-rails'
 gem 'matrix', '~> 0.4.2'
 gem 'oj', '~> 3.9', '>= 3.9.2'
 gem 'pagy', '~> 3.7', '>= 3.7.5'
@@ -28,6 +29,7 @@ gem 'sass-rails', '~> 6.0.0'
 gem 'sendgrid', '~> 1.2.4'
 gem 'sprockets', '~> 3.7.2'
 gem 'yaaf', '~> 2.2'
+
 # Use Redis adapter to run Action Cable in production
 # gem 'redis', '~> 4.0'
 # Use Active Model has_secure_password

diff --git a/backend-rails/Gemfile.lock b/backend-rails/Gemfile.lock
@@ -468,6 +468,7 @@ DEPENDENCIES
   faker (~> 2.13)
   i18n-tasks (~> 0.9.30)
   jbuilder (~> 2.10)
+  jquery-rails
   letter_opener (~> 1.7)
   listen (~> 3.2)
   matrix (~> 0.4.2)

diff --git a/backend-rails/app/assets/javascripts/application.js b/backend-rails/app/assets/javascripts/application.js
@@ -0,0 +1,2 @@
+// require_self
+// require_tree.
diff --git a/backend-rails/app/assets/javascripts/jquery_init.js b/backend-rails/app/assets/javascripts/jquery_init.js
@@ -0,0 +1,2 @@
+//= require jquery
+//= require jquery_ujs
diff --git a/backend-rails/app/assets/javascripts/reset_password.js b/backend-rails/app/assets/javascripts/reset_password.js
@@ -0,0 +1,31 @@
+//= require_self
+
+$(document).ready(function () {
+  $('#reset_password_form').submit(function (event) {
+    event.preventDefault();
+
+    const params = $(this).data('params')
+
+    const headers = {
+      uid: params.uid,
+      client: params.client,
+      'access-token': params['access-token']
+    }
+
+    $.ajax({
+      headers,
+      url: $(this).attr('action'),
+      type: "PUT",
+      datatype: "application/js",
+      data: $(this).serialize(),
+      success: function (response) {
+        alert(response.message)
+      },
+      error: function (_XMLHttpRequest, textStatus, errorThrown) {
+        alert("Status: " + textStatus); alert("Error: " + errorThrown);
+      }
+    })
+
+    return false;
+  });
+})
diff --git a/backend-rails/app/controllers/auth_controller.rb b/backend-rails/app/controllers/auth_controller.rb
@@ -0,0 +1,9 @@
+class AuthController < ApplicationController
+  def reset_password; end
+
+  private
+
+  def auth_params
+    params.permit('access-token', :client, :client_id, :token, :uid)
+  end
+end
diff --git a/backend-rails/app/views/auth/reset_password.html.erb b/backend-rails/app/views/auth/reset_password.html.erb
@@ -0,0 +1,19 @@
+<%= javascript_include_tag "jquery_init" %>
+<%= javascript_include_tag "reset_password", "data-turbolinks-track" => true  %>
+
+<div style="margin: auto; width: 50%; height: 50%; padding: 10px;">
+  <h2>Reset your password</h2>
+
+  <%= form_with url: user_password_path,
+      local: false, method: :put,  html: { id: "reset_password_form", data: { params: params} } do |form| %>
+    <div class="field">
+      <%= form.label :password %>
+      <%= form.password_field :password %>
+    </div>
+    <div class="field">
+      <%= form.label :password_confirmation %>
+      <%= form.password_field :password_confirmation %>
+    </div>
+    <%= form.submit 'Reset Password', style: 'margin-top: 24px; padding: 12px;' %>
+  <% end %>
+</div>
diff --git a/backend-rails/app/views/devise/mailer/confirmation_instructions.html.erb b/backend-rails/app/views/devise/mailer/confirmation_instructions.html.erb
@@ -0,0 +1,5 @@
+<p><%= t(:welcome).capitalize + ' ' + @email %>!</p>
+
+<p><%= t '.confirm_link_msg' %> </p>
+
+<p><%= link_to t('.confirm_account_link'), user_confirmation_url(@resource, {confirmation_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url']}).html_safe %></p>
diff --git a/backend-rails/app/views/devise/mailer/reset_password_instructions.html.erb b/backend-rails/app/views/devise/mailer/reset_password_instructions.html.erb
@@ -0,0 +1,8 @@
+<p><%= t(:hello).capitalize %> <%= @resource.email %>!</p>
+
+<p><%= t '.request_reset_link_msg' %></p>
+
+<p><%= link_to t('.password_change_link'), edit_user_password_url(@resource, reset_password_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url'].to_s).html_safe %></p>
+
+<p><%= t '.ignore_mail_msg' %></p>
+<p><%= t '.no_changes_msg' %></p>
diff --git a/backend-rails/app/views/layouts/application.html.erb b/backend-rails/app/views/layouts/application.html.erb
@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>My App</title>
+    <meta name="viewport" content="width=device-width,initial-scale=1">
+    <%= csrf_meta_tags %>
+    <%= csp_meta_tag %>
+
+    <%= stylesheet_link_tag "application", "data-turbo-track": "reload" %>
+    <%= javascript_include_tag "application", "data-turbo-track": "reload", defer: true %>
+  </head>
+
+  <body>
+    <%= yield %>
+  </body>
+</html>
diff --git a/backend-rails/config/environments/development.rb b/backend-rails/config/environments/development.rb
@@ -42,9 +42,12 @@
   # Don't care if the mailer can't send.
   config.action_mailer.raise_delivery_errors = true
   config.action_mailer.delivery_method = :letter_opener
-
+  config.action_mailer.perform_deliveries = true
+  config.action_mailer.default_options = { from: 'no-reply@yourapi.com' }
   config.action_mailer.perform_caching = false
 
+  config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
+
   # Print deprecation notices to the Rails logger.
   config.active_support.deprecation = :log
 

diff --git a/backend-rails/config/initializers/assets.rb b/backend-rails/config/initializers/assets.rb
@@ -11,4 +11,4 @@
 # Precompile additional assets.
 # application.js, application.css, and all non-JS/CSS in the app/assets
 # folder are already added.
-Rails.application.config.assets.precompile += %w[active_admin.js active_admin.css]
+Rails.application.config.assets.precompile += %w[active_admin.js active_admin.css reset_password.js jquery_init.js]
diff --git a/backend-rails/config/initializers/devise.rb b/backend-rails/config/initializers/devise.rb
@@ -188,7 +188,7 @@
   # ==> Configuration for :recoverable
   #
   # Defines which key will be used when recovering the password for an account
-  # config.reset_password_keys = [:email]
+  config.reset_password_keys = [:email]
 
   # Time interval you can reset your password with a reset password key.
   # Don't put a too small interval or your users won't have the time to

diff --git a/backend-rails/config/routes.rb b/backend-rails/config/routes.rb
@@ -2,12 +2,15 @@
   devise_for :admin_users, ActiveAdmin::Devise.config
   ActiveAdmin.routes(self)
   ExceptionHunter.routes(self)
+
   mount_devise_token_auth_for 'User', at: '/api/v1/users', controllers: {
     registrations: 'api/v1/registrations',
     sessions: 'api/v1/sessions',
     passwords: 'api/v1/passwords'
   }
 
+  get 'auth/reset_password', to: 'auth#reset_password'
+
   namespace :api do
     namespace :v1, defaults: { format: :json } do
       resources :daily_habits, only: %i[index create]

diff --git a/backend-rails/spec/requests/auth_spec.rb b/backend-rails/spec/requests/auth_spec.rb
@@ -0,0 +1,7 @@
+require 'rails_helper'
+
+RSpec.describe 'Auths', type: :request do
+  describe 'GET /index' do
+    pending "add some examples (or delete) #{__FILE__}"
+  end
+end