Sha256: 4241094957ffc67b63340e05fa1576b17d0c0c3ba2d784d30f9dd88d6c5fc8ed
Contents?: true
Size: 1.4 KB
Versions: 11
Compression:
Stored size: 1.4 KB
Contents
# frozen_string_literal: true
module QuoVadis
class RecoveryCodesController < ApplicationController
before_action :require_password_authentication
def index
@codes = flash[:recovery_codes]
@recovery_code_count = account.recovery_codes.count
end
def challenge
end
def authenticate
if account.recovery_codes.detect { |rc| rc.authenticate_code params[:code] }
qv.log account, Log::RECOVERY_CODE_SUCCESS
qv.replace_session
qv.session_authenticated_with_second_factor
reset_totp
redirect_to qv.path_after_authentication,
notice: QuoVadis.translate('flash.recovery_code.success',
count: account.recovery_codes.count)
else
qv.log account, Log::RECOVERY_CODE_FAILURE
flash.now[:alert] = QuoVadis.translate('flash.recovery_code.unverified')
render :challenge, status: :unprocessable_entity
end
end
def generate
qv.log account, Log::RECOVERY_CODE_GENERATE
QuoVadis.notify :recovery_codes_generation_notification, email: authenticated_model.email
account.recovery_codes.delete_all
flash[:recovery_codes] = account.generate_recovery_codes
redirect_to quo_vadis.recovery_codes_path
end
private
def account
authenticated_model.qv_account
end
def reset_totp
account.totp&.destroy
end
end
end
Version data entries
11 entries across 11 versions & 1 rubygems