* Extract verification flow logic into VerificationFlow concern
Move document submission handling and helper methods from
VerificationsController into a reusable concern:
- setup_document_step, handle_document_submission
- process_legal_name, process_aadhaar_number
- create_verification, document_params
- verification_should_redirect? helper
Extract document form into shared partial for reuse across
regular and portal verification flows.
* Extract address building into AddressManagement concern
Move build_address helper into a shared concern for reuse
between AddressesController and Portal::AddressesController.
* Add PortalFlow concern and base controller for external app flows
PortalFlow provides secure redirect handling for portal flows:
- Validates return URLs against registered Program redirect URIs
- Stores validated URLs in session to prevent tampering
- Allows localhost in non-production environments
- Provides redirect helpers with portal_status query param
Portal::BaseController uses logged_out layout with portal_wrapper
content block for minimal UI.
* Add portal controllers and routes for external app integration
Portal::VerificationsController handles document verification flow
triggered by external OAuth apps, with status-based redirects.
Portal::AddressesController handles address collection with manage
view for users who already have addresses.
Routes:
- GET/POST/DELETE /portal/verify
- GET/POST /portal/address
- GET /portal/address/done
Also adds make_primary member route to addresses resource.
* Add HTMX support to AddressesController for dynamic updates
Refactor AddressesController:
- Extract create/primary logic into helper methods
- Add HTMX-aware response methods for partial updates
- Support portal context detection for shared address list
Add partials:
- _address_list.html.erb: Shared address list with HTMX actions
- _edit_form.html.erb: Inline edit form for HTMX requests
- Update _form.html.erb with HTMX form attributes when target provided
Address list supports both regular and portal contexts with
appropriate HTMX targets and translations.
* Add portal views and translations
Portal views:
- verifications/document.html.erb: Document upload for portal flow
- verifications/pending.html.erb: Pending verification status
- addresses/portal.html.erb: Initial address collection form
- addresses/manage.html.erb: Address list for existing addresses
Update logged_out layout to support portal_wrapper content block
with minimal brand header for portal flows. Add HTMX CSRF header.
Add translations for portal verification and address flows.
* Add Program.official scope and update address styles
Add scope to filter HQ-official programs.
Update address styles for portal and HTMX address management:
- Improved address card layout with flex
- Add address card and button styles
- Pending verification card styles
- Portal done button styling
* fix address nit?
* INITIAL SAML SUPPORT WOO YEA BABEY
it works?
* wawa
* mwaow
* b
* WOAG
* mph
* bunch more stuff
* new OAuth screen
* add trust level to oauth apps
* [community oauth] new scopes, validate only some community ones
* bleh
* my info first pass
* sessions and 2fa
* oauth authorizations/revoke
* nuke sms
* fix drift
* remove hcid on ident#edit
* attack our rack?
* session fixation't
* first pass at stepup auth
* eye eighteen en
* fix brand
* think that does it for dev mode!
* add promote to full user button
* first crack at landing page
* better sessions
* better id edit
* better verf
* less css pass 1
* add phone no
* better cssed?
* securité
* switch from slocks
* HCA
* touch last seen at
* session fingerprinting
* improved?
* localize scopes
* add proper oauth welcome
* eepier tutorial
* how long was that like that?!
* common blankslate
* better addresses?
* [backend] fix reprovisioning and promotion
* improve addresses
* ICONS, BEAUTIFUL ICONS
* primary sidebar
* saml welcome?
* new totp flow?
* marginally better login sec
* better print for backup codes!
* MASSIVE LINT PASS
* autocompletes
* woops
* new staging
* actual login code txnl
* no more legacy slack account linking
* fake slack in staging
* no account yet?
* add samls for staging
* fix slack_staging
* lint
* frickin' xmlsec
* no validate keys ?
* AUGH
* ASGJHFGSDJFG
* shoot me
* aieeeee
* SCHEIßE
* no more attempt association on code
* believe in prefers-color-scheme
* fix verf icon
* nuke vestigial aadhaar functionality
thanks deployor!
* fix xmlsec on gh ci
* remove identity (#27)
* move idcon flashes to locale
* remove dead code impersonation logic
h/t ian!
* fix hx-confirm on delete address?
* add missing dev app locale key
* fix#28
* wait, i'm an idiot (#28)
* THERE WE GO
* add paper_trail to more stuff
* red delete btn
* more red delete btns
* THE AUDIT LOGS UPDATE
* yuge lint pass
* Fix icons (#33)
Some icons didn't have a fill nor a viewbox
* weh
* first pass at docs
* memoize docs, fix 404
* [docs] add crappy erb support
* support non-e+ flow
* fix no devmode locale
* DOCS DOCS DOCS
* tldr dev doc
* anti-clickjacking countdown (h/t @J-Meow)
* weh
* get rid of those, they do nothing for us
* dependent destroy
* find user via scim if ent
* save nav channel ids
* fix base onboarding scenario
* only unique among the living
* add SAML debug
* simplify legacy_email
* add UAT env
* we ARE
* add slack to uat
* no entity id?
* fix saml if logged out
* fix scim assignment?
* bring channels into config
* darn it
* try backoff on assign_to_workspace?? this feels problematic
* do the scim docs lie?
* that was dumb
* Revert "do the scim docs lie?"
This reverts commit 69310dbef9476f2103d7a8280966a7fdf732129b.
* Revert "try backoff on assign_to_workspace?? this feels problematic"
This reverts commit 7a5edd67aa3836df1f31d628566e9ea69589c269.
* this some bull shit
* internal tutorial by default
* 18 point something
* fixes: componentize login, no more viewcontext, parse sp-initiated saml better
* one return to.
* just send it
* fix replay bug
* fix URL in welcome docs page (#38)
* simplify login/signup flow, s/faq/terms + privacy
* no more H... we hardly knew you
* first pass at reddening
* red pt. 2
* she's red for an AMAZING reason
* lint pass
* fix tooled tips
* another docs pass
* initial pass at factorybotting docs
* scope diffing for api docs!
* wait we don't need a legend lol
* add verf status to community apps
* fricken lint
* make current_user not nomethod
* move are_we_enterprise_yet to a flipper flag
* improve slack racing
* allow not creating slack
* factorybot in prod for api docs!
* LOL, LMAO
* properly set owner on oauthorizations
* lint pass
* bypass age on existing users
* fix that...
---------
Co-authored-by: Leo <leo@wilkin.xyz>
Co-authored-by: Tom (Deployor) <129990841+deployor@users.noreply.github.com>
Co-authored-by: DaInfLoop <github@dainfloop.is-a.dev>
