Cleanup & simplify sign in

monorkin · monorkin · commit 5dbbcaaa6b74 · 2025-12-05T11:53:01.000+01:00
diff --git a/app/controllers/concerns/authentication.rb b/app/controllers/concerns/authentication.rb
@@ -108,8 +108,9 @@ def ensure_development_magic_link_not_leaked
     end
 
     def serve_development_magic_link(magic_link)
-      if Rails.env.development?
-        flash[:magic_link_code] = magic_link&.code
+      if Rails.env.development? && magic_link.present?
+        flash[:magic_link_code] = magic_link.code
+        response.set_header("X-Magic-Link-Code", magic_link.code)
       end
     end
 end
diff --git a/app/controllers/identities_controller.rb b/app/controllers/identities_controller.rb
@@ -1,6 +1,6 @@
 class IdentitiesController < ApplicationController
   disallow_account_scope
-  
+
   def show
     @identity = Current.identity
   end
diff --git a/app/controllers/sessions/magic_links_controller.rb b/app/controllers/sessions/magic_links_controller.rb
@@ -30,11 +30,11 @@ def respond_to_valid_code_from(magic_link)
 
         format.json do
           new_access_token = magic_link.identity.access_tokens.create!(permission: :write)
-          render json: { 
+          render json: {
             email_address: magic_link.identity.email_address,
             access_token: new_access_token.token,
             users: magic_link.identity.users
-           }
+          }
         end
       end
     end
@@ -55,7 +55,8 @@ def after_sign_in_url(magic_link)
     end
 
     def rate_limit_exceeded
-      rate_limit_exceeded_message = "Try again later."
+      rate_limit_exceeded_message = "Try again in 15 minutes."
+
       respond_to do |format|
         format.html { redirect_to session_magic_link_path, alert: rate_limit_exceeded_message }
         format.json { render json: { message: rate_limit_exceeded_message }, status: :too_many_requests }
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
@@ -9,18 +9,17 @@ def new
   end
 
   def create
-
-    identity = Identity.find_by_email_address(email_address)
-    magic_link = identity&.send_magic_link
+    if identity = Identity.find_by_email_address(email_address)
+      magic_link = identity.send_magic_link
+      serve_development_magic_link(magic_link)
+    end
 
     respond_to do |format|
-      format.html do 
-        serve_development_magic_link(magic_link)
+      format.html do
         redirect_to session_magic_link_path
       end
 
       format.json do
-        response.set_header("X-Magic-Link-Code", magic_link&.code) if Rails.env.development? && magic_link
         head :created
       end
     end
@@ -38,6 +37,7 @@ def email_address
 
     def rate_limit_exceeded
       rate_limit_exceeded_message = "Try again later."
+
       respond_to do |format|
         format.html { redirect_to new_session_path, alert: rate_limit_exceeded_message }
         format.json { render json: { message: rate_limit_exceeded_message }, status: :too_many_requests }
diff --git a/app/views/identities/show.json.jbuilder b/app/views/identities/show.json.jbuilder
@@ -2,5 +2,5 @@ json.accounts @identity.users do |user|
   json.partial! "identities/account", account: user.account
   json.user do
     json.partial! "users/user", user: user
-  end  
+  end
 end
