From f60ceea8944198e639be3521739fd7c1099dff77 Mon Sep 17 00:00:00 2001 From: samanera <141537607+samanera@users.noreply.github.com> Date: Thu, 2 Nov 2023 18:54:04 -0600 Subject: [PATCH] omniauth: prevent sending a verification email `omniauth_registrations_controller.rb` fails to create an account when the provider doesn't include a required field. This results in the form being re-rendered leading to a second `#create` call and the creation of a new `request.env`, causing the loss of data populated by OAuth and triggering an email confirmation. See: https://github.com/decidim/decidim/blob/release/0.26-stable/decidim-core/app/commands/decidim/create_omniauth_registration.rb#L75 This patch relies on the `params` to get the `verified_email`. Closes: codeandomexico/decidim-monterrey#147 --- .github/workflows/docker-image-production.yml | 2 +- ...iauth_registrations_controller_override.rb | 7 +++ .../omniauth_registrations/new.html.erb | 46 +++++++++++++++++++ 3 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 app/overrides/controllers/decidim/devise/omniauth_registrations_controller_override.rb create mode 100644 app/views/decidim/devise/omniauth_registrations/new.html.erb diff --git a/.github/workflows/docker-image-production.yml b/.github/workflows/docker-image-production.yml index 923f04f..d5d55fc 100644 --- a/.github/workflows/docker-image-production.yml +++ b/.github/workflows/docker-image-production.yml @@ -19,7 +19,7 @@ jobs: with: github-token: ${{ secrets.GITHUB_TOKEN }} image-name: production - image-tag: 1.4 + image-tag: 1.5 custom-args: --build-arg RAILS_ENV=production --build-arg FORCE_SSL=false --build-arg SECRET_KEY_BASE=${{ secrets.SECRET_KEY_BASE }} --build-arg MAILER_SENDER=${{ secrets.MAILER_SENDER }} dockerfile: docker/decidim.Dockerfile build-context: . diff --git a/app/overrides/controllers/decidim/devise/omniauth_registrations_controller_override.rb b/app/overrides/controllers/decidim/devise/omniauth_registrations_controller_override.rb new file mode 100644 index 0000000..4d8b2dd --- /dev/null +++ b/app/overrides/controllers/decidim/devise/omniauth_registrations_controller_override.rb @@ -0,0 +1,7 @@ +Decidim::Devise::OmniauthRegistrationsController.class_eval do + private + + def verified_email + @verified_email ||= oauth_data.dig(:info, :email) || params.dig(:user, :email) + end +end diff --git a/app/views/decidim/devise/omniauth_registrations/new.html.erb b/app/views/decidim/devise/omniauth_registrations/new.html.erb new file mode 100644 index 0000000..2f449af --- /dev/null +++ b/app/views/decidim/devise/omniauth_registrations/new.html.erb @@ -0,0 +1,46 @@ +
+
+
+
+

<%= t(".sign_up") %>

+

+ <%= t(".subtitle") %> +

+
+
+ +
+
+
+
+ <%= decidim_form_for(@form, namespace: "registration", as: resource_name, url: omniauth_registrations_path(resource_name), html: { class: "register-form new_user" }) do |f| %> + <%= form_required_explanation %> + +
+
+ <%= f.text_field :name, help_text: t(".username_help") %> +
+
+ +
+
+ <% @form.nickname = nil %> + <%= f.text_field :nickname, help_text: t(".nickname_help", organization: current_organization.name) %> +
+
+ + <%= f.hidden_field :email %> + <%= f.hidden_field :uid %> + <%= f.hidden_field :provider %> + <%= f.hidden_field :oauth_signature %> + +
+ <%= f.submit t(".complete_profile"), class: "button expanded" %> +
+ <% end %> +
+
+
+
+
+