Implement invitation codes

2025-07-24 07:39:39 +02:00 · 2024-02-02 17:49:28 -06:00 · 2024-02-02 17:49:28 -06:00 · b3a792c47d
commit b3a792c47d
parent 533e6690c2
11 changed files with 149 additions and 9 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -37,4 +37,9 @@ class ApplicationController < ActionController::Base
    Current.user = nil
    reset_session
  end
+
+  def hosted_app?
+    ENV["HOSTED"] == "true"
+  end
+  helper_method :hosted_app?
 end
--- a/app/controllers/registrations_controller.rb
+++ b/app/controllers/registrations_controller.rb
@ -1,13 +1,14 @@
 class RegistrationsController < ApplicationController
  layout "auth"

+  before_action :set_user, only: :create
+  before_action :claim_invite_code, only: :create, if: :hosted_app?
+
  def new
    @user = User.new
  end

  def create
-    @user = User.new(user_params)
-
    family = Family.new
    @user.family = family

@ -23,7 +24,17 @@ class RegistrationsController < ApplicationController

  private

+  def set_user
+    @user = User.new user_params.except(:invite_code)
+  end
+
  def user_params
-    params.require(:user).permit(:name, :email, :password, :password_confirmation)
+    params.require(:user).permit(:name, :email, :password, :password_confirmation, :invite_code)
+  end
+
+  def claim_invite_code
+    unless InviteCode.claim! params[:user][:invite_code]
+      redirect_to new_registration_path, alert: "Invalid invite code, please try again."
+    end
  end
 end
--- a/app/models/invite_code.rb
+++ b/app/models/invite_code.rb
@ -0,0 +1,25 @@
+class InviteCode < ApplicationRecord
+  before_validation :generate_token, on: :create
+
+  class << self
+    def claim!(token)
+      if invite_code = find_by(token: token&.downcase)
+        invite_code.destroy!
+        true
+      end
+    end
+
+    def generate!
+      create!.token
+    end
+  end
+
+  private
+
+  def generate_token
+    loop do
+      self.token = SecureRandom.hex(4)
+      break token unless self.class.exists?(token: token)
+    end
+  end
+end
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@ -66,7 +66,7 @@
            <% current_family.accounts.depository.each do |account| %>
              <div class="flex items-center justify-between py-2">
                <div class="flex items-center text-sm">
-                  <%= account.name %> 
+                  <%= account.name %>
                </div>
                <p class="text-sm text-right">
                  <span class="block mb-1"><%= number_to_currency account.balance %></span>
--- a/app/views/layouts/auth.html.erb
+++ b/app/views/layouts/auth.html.erb
@ -6,7 +6,7 @@
    <meta name="apple-mobile-web-app-capable" content="yes">
    <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">
    <meta name="apple-mobile-web-app-title" content="Maybe">
-    
+
    <%= csrf_meta_tags %>
    <%= csp_meta_tag %>
    <%= stylesheet_link_tag "tailwind", "inter-font", "data-turbo-track": "reload" %>
@ -18,15 +18,21 @@
  </head>

  <body class="h-full">
+    <% flash.each do |type, msg| %>
+      <div>
+        <%= msg %>
+      </div>
+    <% end %>
+
    <div class="flex flex-col justify-center min-h-full px-6 py-12">

      <div class="sm:mx-auto sm:w-full sm:max-w-md">
        <%= render "shared/logo" %>
-        
+
        <h2 class="mt-6 text-3xl font-semibold tracking-tight text-center font-display">
          <%= content_for?(:header_title) ? yield(:header_title).html_safe : "Your account" %>
        </h2>
-        
+
        <% if params[:controller] == "devise/sessions" && params[:action] == "new" %>
        <p class="mt-2 text-sm text-center text-gray-600">
          or <%= link_to "create an account", new_user_registration_path, class: 'font-medium text-candlelight-600 hover:text-candlelight-500' %>
--- a/app/views/registrations/new.html.erb
+++ b/app/views/registrations/new.html.erb
@ -24,6 +24,13 @@
    <%= form.password_field :password_confirmation, autocomplete: "new-password", required: 'required', class: 'p-0 mt-1 bg-transparent border-none opacity-50 focus:outline-none focus:ring-0 focus-within:opacity-100 w-full' %>
  </div>

+  <% if hosted_app? %>
+    <div class="bg-offwhite rounded-xl focus-within:bg-white focus-within:shadow focus-within:opacity-100 relative p-4 border border-gray-100">
+      <%= form.label :invite_code, "Invite code", class: 'block text-sm font-medium text-gray-700' %>
+      <%= form.password_field :invite_code, required: 'required', class: 'p-0 mt-1 bg-transparent border-none opacity-50 focus:outline-none focus:ring-0 focus-within:opacity-100 w-full' %>
+    </div>
+  <% end %>
+
  <div>
    <%= form.submit "Continue", class: 'flex justify-center w-full px-4 py-3 text-sm font-medium text-white bg-black rounded-xl hover:bg-black focus:outline-none focus:ring-2 focus:ring-gray-200 shadow' %>
  </div>
@ -31,4 +38,4 @@

 <div class="mt-6 text-center">
  <p class="text-sm text-gray-600">Already have an account? <%= link_to "Sign in", new_session_path, class: 'font-medium text-candlelight-600 hover:text-candlelight-500' %></p>
-</div>
+</div>