summaryrefslogtreecommitdiff
path: root/users/app
diff options
context:
space:
mode:
authorjessib <jessib@riseup.net>2013-09-26 11:38:35 -0700
committerjessib <jessib@riseup.net>2013-09-26 11:38:35 -0700
commitdba941539011f5e0634585e6c11a1c7f58110876 (patch)
tree75ffdf66bdfaf61be5a75beb3b39f03ba1c4cd77 /users/app
parent663d37eef8fae9f1d27d115e48a7136309eab960 (diff)
parent4f8414298750193b6de3daff08364ec745a6a761 (diff)
Merge pull request #90 from azul/feature/use-token-auth
Feature/use token auth
Diffstat (limited to 'users/app')
m---------users/app/assets/javascripts/srp0
-rw-r--r--users/app/assets/javascripts/users.js31
-rw-r--r--users/app/controllers/v1/sessions_controller.rb1
-rw-r--r--users/app/views/users/_edit.html.haml7
4 files changed, 35 insertions, 4 deletions
diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp
-Subproject 9c61d52f1f975ec0eefe5b4a0b71ac529300cbe
+Subproject d22bf3b9fe2fd31192e1e1b358e97e5a0f3f90b
diff --git a/users/app/assets/javascripts/users.js b/users/app/assets/javascripts/users.js
index 4c9b510..aaeba6e 100644
--- a/users/app/assets/javascripts/users.js
+++ b/users/app/assets/javascripts/users.js
@@ -3,7 +3,12 @@
// LOCAL FUNCTIONS
//
- var poll_users, prevent_default, form_failed, form_passed, clear_errors;
+ var poll_users,
+ prevent_default,
+ form_failed,
+ form_passed,
+ clear_errors,
+ update_user;
prevent_default = function(event) {
return event.preventDefault();
@@ -19,6 +24,27 @@
return $('#messages').empty();
};
+ update_user = function(submitEvent) {
+ var form = submitEvent.target;
+ var token = form.dataset.token;
+ var url = form.action;
+ var req = $.ajax({
+ url: url,
+ type: 'PUT',
+ headers: { Authorization: 'Token token="' + token + '"' },
+ data: $(form).serialize()
+ });
+ req.done( function() {
+ $(form).find('input[type="submit"]').button('reset');
+ });
+ };
+
+ markAsSubmitted = function(submitEvent) {
+ var form = submitEvent.target;
+ $(form).addClass('submitted')
+ // bootstrap loading state:
+ $(form).find('input[type="submit"]').button('loading');
+ };
//
// PUBLIC FUNCTIONS
@@ -70,12 +96,15 @@
//
$(document).ready(function() {
+ $('form').submit(markAsSubmitted);
$('#new_user').submit(prevent_default);
$('#new_user').submit(srp.signup);
$('#new_session').submit(prevent_default);
$('#new_session').submit(srp.login);
$('#update_login_and_password').submit(prevent_default);
$('#update_login_and_password').submit(srp.update);
+ $('#update_pgp_key').submit(prevent_default);
+ $('#update_pgp_key').submit(update_user);
return $('#user-typeahead').typeahead({
source: poll_users
});
diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb
index 1b20a82..eb6c322 100644
--- a/users/app/controllers/v1/sessions_controller.rb
+++ b/users/app/controllers/v1/sessions_controller.rb
@@ -24,6 +24,7 @@ module V1
def update
authenticate!
@token = Token.create(:user_id => current_user.id)
+ session[:token] = @token.id
render :json => login_response
end
diff --git a/users/app/views/users/_edit.html.haml b/users/app/views/users/_edit.html.haml
index 5f74d32..9d2473b 100644
--- a/users/app/views/users/_edit.html.haml
+++ b/users/app/views/users/_edit.html.haml
@@ -10,7 +10,8 @@
-# however, we don't want the user to change their login without generating a new key, so we hide the ui for this
-# (although it works perfectly fine to change username if the field was visible).
-#
-- form_options = {:url => '/not-used', :html => {:class => user_form_class('form-horizontal'), :id => 'update_login_and_password'}, :validate => true}
+
+- form_options = {:url => '/not-used', :html => {:class => user_form_class('form-horizontal'), :id => 'update_login_and_password', :data => {token: session[:token]}}, :validate => true}
= simple_form_for @user, form_options do |f|
%legend= t(:change_password)
= hidden_field_tag 'user_param', @user.to_param
@@ -28,13 +29,13 @@
-# this will be replaced by a identities controller/view at some point
-#
-- form_options = {:html => {:class => user_form_class('form-horizontal'), :id => 'update_pgp_key'}, :validate => true}
+- form_options = {:html => {:class => user_form_class('form-horizontal'), :id => 'update_pgp_key', :data => {token: session[:token]}}, :validate => true}
= simple_form_for [:api, @user], form_options do |f|
%legend= t(:advanced_options)
= f.input :public_key, :as => :text, :hint => t(:use_ascii_key), :input_html => {:class => "full-width", :rows => 4}
.control-group
.controls
- = f.submit t(:save), :class => 'btn'
+ = f.submit t(:save), :class => 'btn', :data => {"loading-text" => "Saving..."}
-#
-# DESTROY ACCOUNT