Adding e-mail confirmations

app/assets/stylesheets/application.scss

@@ -104,6 +104,7 @@ body {
 .logo-container {
   max-width: 400px;
   margin: 100px auto;
+  margin-bottom: 0;
   cursor: default;
 
   @media screen and (max-width: 360px) {
@@ -276,6 +277,13 @@ body {
     }
   }
 
+  .flash-message {
+    text-align: center;
+    font-size: 14px;
+    margin-bottom: 30px;
+    font-weight: 500;
+  }
+
   .form-footer {
     margin-top: 30px;
     text-align: center;

app/controllers/application_controller.rb

@@ -10,7 +10,7 @@ class ApplicationController < ActionController::Base
   rescue_from ActionController::RoutingError, with: :not_found
   rescue_from ActiveRecord::RecordNotFound, with: :not_found
 
-  before_filter :store_current_location, :unless => :devise_controller?
+  before_action :store_current_location, :unless => :devise_controller?
 
   def raise_not_found
     raise ActionController::RoutingError, "No route matches #{params[:unmatched_route]}"

app/controllers/auth/confirmations_controller.rb

@@ -0,0 +1,3 @@
+class Auth::ConfirmationsController < Devise::ConfirmationsController
+  layout 'auth'
+end

app/controllers/auth/sessions_controller.rb

@@ -12,6 +12,12 @@ class Auth::SessionsController < Devise::SessionsController
   protected
 
   def after_sign_in_path_for(_resource)
-    stored_location_for(:user) || root_path
+    last_url = stored_location_for(:user)
+
+    if [about_path].include?(last_url)
+      root_path
+    else
+      last_url || root_path
+    end
   end
 end

app/models/user.rb

@@ -1,5 +1,5 @@
 class User < ApplicationRecord
-  devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable
+  devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable, :confirmable
 
   belongs_to :account, inverse_of: :user
   accepts_nested_attributes_for :account

app/views/auth/confirmations/new.html.haml

@@ -0,0 +1,9 @@
+= form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f|
+  = devise_error_messages!
+
+  .field
+    = f.email_field :email, autofocus: true, required: true, placeholder: 'E-mail address'
+  .actions
+    = f.button "Resend confirmation instructions", type: 'submit'
+
+.form-footer= render "auth/shared/links"

app/views/auth/mailer/confirmation_instructions.html.erb

@@ -0,0 +1,5 @@
+<p>Welcome <%= @resource.email %>!</p>
+
+<p>You can confirm your account email through the link below:</p>
+
+<p><%= link_to 'Confirm my account', confirmation_url(@resource, confirmation_token: @token) %></p>

app/views/auth/passwords/edit.html.erb

@@ -1,25 +0,0 @@
-<h2>Change your password</h2>
-
-<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :put }) do |f| %>
-  <%= devise_error_messages! %>
-  <%= f.hidden_field :reset_password_token %>
-
-  <div class="field">
-    <%= f.label :password, "New password" %><br />
-    <% if @minimum_password_length %>
-      <em>(<%= @minimum_password_length %> characters minimum)</em><br />
-    <% end %>
-    <%= f.password_field :password, autofocus: true, autocomplete: "off" %>
-  </div>
-
-  <div class="field">
-    <%= f.label :password_confirmation, "Confirm new password" %><br />
-    <%= f.password_field :password_confirmation, autocomplete: "off" %>
-  </div>
-
-  <div class="actions">
-    <%= f.submit "Change my password" %>
-  </div>
-<% end %>
-
-<%= render "devise/shared/links" %>

app/views/auth/passwords/edit.html.haml

@@ -0,0 +1,12 @@
+= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :put }) do |f|
+  = devise_error_messages!
+  = f.hidden_field :reset_password_token
+
+  .field
+    = f.password_field :password, autofocus: true, autocomplete: "off", placeholder: 'New password'
+  .field
+    = f.password_field :password_confirmation, autocomplete: "off", placeholder: 'Confirm new password'
+  .actions
+    = f.button "Change my password", type: :submit
+
+= render "devise/shared/links"

app/views/auth/shared/_links.html.haml

@@ -13,7 +13,3 @@
 
   - if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks'
     %li= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name)
-
-  - if devise_mapping.omniauthable?
-    - resource_class.omniauth_providers.each do |provider|
-      %li= link_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider)

app/views/layouts/auth.html.haml

@@ -7,6 +7,12 @@
           %small= Rails.configuration.x.local_domain
 
     .form-container
+      - if flash[:notice]
+        .flash-message.notice= flash[:notice]
+
+      - if flash[:alert]
+        .flash-message.alert= flash[:alert]
+
       = yield
 
 = render template: "layouts/application"

config/routes.rb

@@ -15,7 +15,8 @@ Rails.application.routes.draw do
   devise_for :users, path: 'auth', controllers: {
     sessions:           'auth/sessions',
     registrations:      'auth/registrations',
-    passwords:          'auth/passwords'
+    passwords:          'auth/passwords',
+    confirmations:      'auth/confirmations'
   }
 
   resources :accounts, path: 'users', only: [:show], param: :username do

db/migrate/20161003142332_add_confirmable_to_users.rb

@@ -0,0 +1,9 @@
+class AddConfirmableToUsers < ActiveRecord::Migration[5.0]
+  def change
+    add_column :users, :confirmation_token, :string
+    add_column :users, :confirmed_at, :datetime
+    add_column :users, :confirmation_sent_at, :datetime
+    add_column :users, :unconfirmed_email, :string
+    add_index :users, :confirmation_token, unique: true
+  end
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20160926213048) do
+ActiveRecord::Schema.define(version: 20161003142332) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -158,7 +158,12 @@ ActiveRecord::Schema.define(version: 20160926213048) do
     t.inet     "current_sign_in_ip"
     t.inet     "last_sign_in_ip"
     t.boolean  "admin",                  default: false
+    t.string   "confirmation_token"
+    t.datetime "confirmed_at"
+    t.datetime "confirmation_sent_at"
+    t.string   "unconfirmed_email"
     t.index ["account_id"], name: "index_users_on_account_id", using: :btree
+    t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true, using: :btree
     t.index ["email"], name: "index_users_on_email", unique: true, using: :btree
     t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true, using: :btree
   end

spec/fabricators/user_fabricator.rb

@@ -1,5 +1,6 @@
 Fabricator(:user) do
   account
-  email    "alice@example.com"
+  email        "alice@example.com"
-  password "123456789"
+  password     "123456789"
+  confirmed_at { Time.now }
 end