5
r-fu
5y

Let me rant! I don’t usually do this but this is just frustrating and draining. Please tell me if im wrong. We have authentication that needs to be refactored. I was assigned on this issue. Im a junior btw. I also attached an image of my proposals. The issue of the old way of our signup process is that when validation fails they will keep on accepting the TaC (terms and conditions) and on our create method we have the validation and creating the user. Basically if User.create(user_params) create else throw invalid end. (Imma take a photo later and show it you)which needs to be refactored. So I created a proposal 1. On my first proposal I could create a middleware to check if the body is correct or valid if its valid show the TaCs and if they accept thats the moment the user is created. There is also additional delete user because DoE told me that we dont need middlewares we have before and after hooks! (I wanted to puke here clearly he doesn’t understand the request and response cycle and separation of concerns) anyway, so if middleware is not accepted then i have to delete the user if they dont accept the TaCs. Proposal 2. If they dont want me to touch the create method i could just show the TaCs and if they dont accept then redirect if they do then show form and do the sign process.

This whats weird (weird because he has a lot of experience and has master or phd) he proposes to create a method called validate (this method is in the same controller as the create, i think hes thinking about hooks) call it first and if it fails then response with error and dont save user, heres the a weird part again he wants me to manually check on each entity. Like User.find_by_email(bs@g.com) something like that and on my mind wtf. Isnt it the same as User.create(user_params) because this will return false if paras are invalid?? (I might be wrong here)

This is not the first time though He proposes solutions that are complex, inefficient, unmaintainable. And i think he doesnt understand ruby on rails or webdev in particular. This the first time i complained or I never complained because im thinking im just a junior and he hs more experience and has a higher degree. This is mot the case here though. I guess not all person who has a higher degree are right. To all self thought and bachelors im telling you not all people who went to prestige university and has a higher degree are correct and right all the time. Anyway ill continue later and do what he says. Let me know if im wrong please. Thanks

Comments
  • 0
    @drac94 its on the web. We dont have mobile and our app is not responsive. Its been like this. For the delete user i just added that if they dont want me to use middleware. Because the code is something like this

    @user = User.create(user_params)
    If @user.persisted?
    else
    // response with error
    end

    So basically if the user submits it will create and if they decline the TaCs then the user still created.

    I also think about that. The check box but i will have to move a lot of code since its a component that relies on another components. Basically is coupled.
  • 0
    def create
    # retrieve corporate-signup-specific params, and delete
    type = params[:spree_user][:type]
    company_id = params[:spree_user][:company_id]
    corporate_token = params[:spree_user][:corporate_token]
    coupon_code = params[:spree_user][:couponCode]

    params[:spree_user].delete :type
    params[:spree_user].delete :company_id
    params[:spree_user].delete :corporate_token
    params[:spree_user].delete :couponCode

    @user = User.create(spree_user_params)
    @order = current_order

    if @user.persisted?
    # if type exists and is 'corporate', setup / validate membership
    if type == 'corporate'
    corporate_account = CorporateAccount.find_by_company_id(company_id)
    if corporate_account
    if corporate_account.corporate_token == corporate_token
    @user.membership.update(corporate_account: corporate_account)
    else
  • 0
    @user.destroy
    corporate_account.errors.add(:corporate_token, "Company Password does not match")
    invalid_resource!(corporate_account)
    return
    end
    else
    @user.destroy
    corporate_account = CorporateAccount.new
    corporate_account.errors.add(:company_id, "Company ID does not exist")
    invalid_resource!(corporate_account)
    return
    end
    end

    set_coupon('signup', 'individual', coupon_code, @user)

    sign_in(:spree_user, @user)
    @order.update(user: @user) if @order && !@order.user
    @user.generate_spree_api_key!

    render_user
    else
    invalid_resource!(@user)
    end
    end
  • 0
    on this comment, the previous 2 comments are the code . for our authentication and validation. if you copy paste that one youll see. sorry they dont have markdown. can you let me know if im wrong. @drac94
Add Comment