Sha256: 8107ca734f576779f1e2452c55bc97c240f757dae7afbcdcdf4ea5ee7f9a8046
Contents?: true
Size: 1.84 KB
Versions: 15
Compression:
Stored size: 1.84 KB
Contents
module RailsBase
class MfaAuthController < RailsBaseApplicationController
before_action :validate_token, only: [:mfa_code, :mfa_code_verify, :resend_mfa]
# GET /mfa_verify
def mfa_code
@masked_phone = User.find(@token_verifier.user_id).masked_phone
end
# POST /mfa_verify
def mfa_code_verify
mfa_validity = RailsBase::Authentication::MfaValidator.call(params: params, session_mfa_user_id: @token_verifier.user_id)
if mfa_validity.failure?
redirect_to(mfa_validity.redirect_url, alert: mfa_validity.message)
return
end
mfa_validity.user.set_last_mfa_login!
sign_in(mfa_validity.user)
redirect_to RailsBase.url_routes.authenticated_root_path, notice: "Welcome #{mfa_validity.user.full_name}"
end
# POST /mfa_verify
def resend_mfa
user = User.find(@token_verifier.user_id)
mfa_token = RailsBase::Authentication::SendLoginMfaToUser.call(user: user)
if mfa_token.failure?
flash[:error] = mfa_token.message
session[:mfa_randomized_token] = nil
redirect_to RailsBase.url_routes.new_user_session_path, email: params.dig(:user,:email), alert: mfa_token.message
return
end
expired_at = Time.zone.parse(@token_verifier.expires_at)
session[:mfa_randomized_token] =
RailsBase::Authentication::MfaSetEncryptToken.call(user: user, expires_at: expired_at).encrypted_val
redirect_to RailsBase.url_routes.mfa_code_path, notice: "MFA has been sent via SMS to number on file"
end
def validate_token
@token_verifier =
RailsBase::Authentication::SessionTokenVerifier.call(mfa_randomized_token: session[:mfa_randomized_token])
return if @token_verifier.success?
redirect_to RailsBase.url_routes.new_user_session_path, alert: @token_verifier.message
return false
end
end
end
Version data entries
15 entries across 15 versions & 1 rubygems