Merge pull request #321 from ncbo/feature/add-signup-fields/315

Add support for GitHub and ORCID identifiers, plus enhancements to user account management
ontoportal-lirmm · Jul 24, 2024 · 2cbaee0 · 2cbaee0
2 parents a1ce9d1 + 466e8fc
commit 2cbaee0
Show file tree

Hide file tree

Showing 21 changed files with 471 additions and 387 deletions.
diff --git a/app/assets/stylesheets/account.scss b/app/assets/stylesheets/account.scss
@@ -0,0 +1,53 @@
+.signup {
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  padding-top: 40px;
+  padding-bottom: 40px;
+}
+
+.form-signup {
+  width: 100%;
+  max-width: 400px;
+  padding: 15px;
+  margin: 0 auto;
+
+  a {
+    text-decoration: none;
+  }
+
+  a:hover {
+    text-decoration: underline;
+  }
+
+  h4, p {
+    text-align: center;
+  }
+}
+
+.form-signup .enable-lists {
+  color: red;
+}
+
+.edit-user-info {
+  display: flex;
+  align-items: center;
+  justify-content: center;
+
+  form {
+    width: 100%;
+    max-width: 640px;
+    padding: 15px;
+    margin: 0 auto;
+  }
+}
+
+.account-info {
+  a {
+    text-decoration: none;
+  }
+
+  a:hover {
+    text-decoration: underline;
+  }
+}
diff --git a/app/assets/stylesheets/application.css.scss b/app/assets/stylesheets/application.css.scss
@@ -24,11 +24,13 @@
 
 /* BioPortal */
 @import "admin";
+@import "account";
 @import "annotator";
 @import "bioportal";
 @import "concepts";
 @import "footer";
 @import "home";
+@import "login";
 @import "mappings";
 @import "notes";
 @import "notice";

diff --git a/app/assets/stylesheets/login.scss b/app/assets/stylesheets/login.scss
@@ -0,0 +1,41 @@
+.signin {
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  padding-top: 40px;
+  padding-bottom: 40px;
+}
+
+.form-signin {
+  width: 100%;
+  max-width: 400px;
+  padding: 15px;
+  margin: 0 auto;
+
+  a {
+    text-decoration: none;
+  }
+
+  a:hover {
+    text-decoration: underline;
+  }
+
+  h4, p {
+    text-align: center;
+  }
+}
+
+.form-signin .enable-lists {
+  color: red;
+}
+
+.password-reset {
+  display: flex;
+  justify-content: center;
+  padding-top: 40px;
+  padding-bottom: 40px;
+
+  form {
+    max-width: 640px;
+  }
+}
diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
@@ -107,11 +107,15 @@ def account
     @user_ontologies = @user.customOntology
     @user_ontologies ||= []
 
-    onts = LinkedData::Client::Models::Ontology.all
-    @admin_ontologies = onts.select { |o| o.administeredBy.include? @user.id }
+    @admin_ontologies = LinkedData::Client::Models::Ontology.where do |o|
+      o.administeredBy.include? @user.id
+    end
+    @admin_ontologies.sort! { |a, b| a.name.downcase <=> b.name.downcase }
 
-    projects = LinkedData::Client::Models::Project.all
-    @user_projects = projects.select { |p| p.creator.include? @user.id }
+    @user_projects = LinkedData::Client::Models::Project.where do |p|
+      p.creator.include? @user.id
+    end
+    @user_projects.sort! { |a, b| a.name.downcase <=> b.name.downcase }
 
     render 'users/show'
   end

diff --git a/app/controllers/login_controller.rb b/app/controllers/login_controller.rb
@@ -1,13 +1,14 @@
-class LoginController < ApplicationController
+# frozen_string_literal: true
 
+class LoginController < ApplicationController
   layout :determine_layout
 
   def index
     # Sets the redirect properties
     if params[:redirect]
       # Get the original, encoded redirect
       uri = URI.parse(request.url)
-      orig_params = Hash[uri.query.split("&").map {|e| e.split("=",2)}].symbolize_keys
+      orig_params = Hash[uri.query.split("&").map { |e| e.split("=", 2) }].symbolize_keys
       session[:redirect] = orig_params[:redirect]
     else
       session[:redirect] = request.referer
@@ -17,31 +18,30 @@ def index
   # logs in a user
   def create
     @errors = validate(params[:user])
-    if @errors.size < 1
+    if @errors.empty?
       logged_in_user = LinkedData::Client::Models::User.authenticate(params[:user][:username], params[:user][:password])
       if logged_in_user && !logged_in_user.errors
         login(logged_in_user)
-        redirect = "/"
+        redirect = '/'
 
         if session[:redirect]
           redirect = CGI.unescape(session[:redirect])
         end
 
-
         redirect_to redirect
       else
-        @errors << "Invalid account name/password combination"
-        render :action => 'index'
+        @errors << 'Invalid account name/password combination'
+        render 'index'
       end
     else
-      render :action => 'index'
+      render 'index'
     end
   end
 
   # Login as the provided username (only for admin users)
   def login_as
     unless session[:user] && session[:user].admin?
-      redirect_to "/"
+      redirect_to '/'
       return
     end
 
@@ -54,8 +54,8 @@ def login_as
       session[:user].apikey = session[:admin_user].apikey
     end
 
-    #redirect_to request.referer rescue redirect_to "/"
-    redirect_to "/"
+    # redirect_to request.referer rescue redirect_to "/"
+    redirect_to '/'
   end
 
   # logs out a user
@@ -67,65 +67,62 @@ def destroy
       flash[:success] = "Logged out <b>#{old_user.username}</b>, returned to <b>#{session[:user].username}</b>".html_safe
     else
       session[:user] = nil
-      flash[:success] = "You have successfully logged out"
+      flash[:success] = 'You have successfully logged out'
     end
-    redirect_to request.referer || "/"
+    redirect_to request.referer || '/'
   end
 
-  def lost_password
-  end
+  def lost_password; end
 
   # Sends a new password to the user
   def send_pass
     username = params[:user][:account_name]
     email = params[:user][:email]
-    resp = LinkedData::Client::HTTP.post("/users/create_reset_password_token", {username: username, email: email})
+    resp = LinkedData::Client::HTTP.post('/users/create_reset_password_token', { username: username, email: email })
 
     if resp.nil?
-      redirect_to login_index_path, notice: "Please check your email for a message with reset instructions"
+      redirect_to login_index_path, notice: 'Please check your email for a message with reset instructions'
     else
-      flash[:notice] = resp.errors.first + ". Please try again."
-      redirect_to "/lost_pass"
+      flash[:notice] = "#{resp.errors.first}. Please try again."
+      redirect_to '/lost_pass'
     end
   end
 
   def reset_password
     username = params[:un]
     email = params[:em]
     token = params[:tk]
-    @user = LinkedData::Client::HTTP.post("/users/reset_password", {username: username, email: email, token: token})
+    @user = LinkedData::Client::HTTP.post('/users/reset_password', { username: username, email: email, token: token })
     if @user.is_a?(LinkedData::Client::Models::User)
-      @user.validate_password = true
       login(@user)
-      render "users/edit"
+      render 'passwords/edit'
     else
-      flash[:notice] = @user.errors.first + ". Please reset your password again."
-      redirect_to "/lost_pass"
+      flash[:notice] = "#{@user.errors.first}. Please reset your password again."
+      redirect_to '/lost_pass'
     end
   end
 
   private
 
   def login(user)
     return unless user
+
     session[:user] = user
     custom_ontologies_text = session[:user].customOntology && !session[:user].customOntology.empty? ? "The display is now based on your <a href='/account#custom_ontology_set'>Custom Ontology Set</a>." : ""
     notice = "Welcome <b>" + user.username.to_s + "</b>! " + custom_ontologies_text
     flash[:success] = notice.html_safe
   end
 
   def validate(params)
-    errors=[]
+    errors = []
 
-    if params[:username].nil? || params[:username].length <1
-      errors << "Please enter an account name"
+    if params[:username].empty?
+      errors << 'Please enter an account name'
     end
-    if params[:password].nil? || params[:password].length <1
-      errors << "Please enter a password"
+    if params[:password].empty?
+      errors << 'Please enter a password'
     end
 
-    return errors
+    errors
   end
-
-
 end
diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb
@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+class PasswordsController < ApplicationController
+  before_action :require_logged_in_user
+  before_action :set_user
+
+  layout :determine_layout
+
+  def edit; end
+
+  def update
+    if params[:password] != params[:password_confirmation]
+      flash.now[:warning] = 'New password and password confirmation do not match. Please try again.'
+      render 'edit'
+      return
+    end
+
+    response = @user.update(values: { password: params[:password] })
+    if response_error?(response)
+      @errors = response_errors(response)
+      render 'edit'
+    else
+      flash[:success] = 'Password successfully updated!'
+      redirect_to user_path(@user.username)
+    end
+  end
+
+  private
+
+  def password_params
+    p = params.permit(:password, :password_confirmation)
+    p.to_h
+  end
+
+  def require_logged_in_user
+    if session[:user].blank?
+      flash[:warning] = 'You must be logged in to access that page'
+      redirect_to login_index_path
+    end
+  end
+
+  def set_user
+    @user = session[:user]
+  end
+end