Sha256: a1b026bbc764d6675c2d09612211ec1229f202ed44918fe460e685069171c4cf

Contents?: true

Size: 1.16 KB

Versions: 3

Compression:

Stored size: 1.16 KB

Contents

module Devise
  module Strategies
    # Warden strategy that adds a one-time password (OTP) check in front of
    # the password check inherited from DatabaseAuthenticatable.
    #
    # NOTE(review): a failed attempt clears @halted so that the next strategy
    # in the chain still runs. If a password-only strategy is also enabled for
    # the same model it would presumably get its turn after an OTP failure and
    # could accept the login without an OTP -- confirm that the model enables
    # only this strategy for password logins.
    class TwoFactorAuthenticatable < Devise::Strategies::DatabaseAuthenticatable

      # Authenticates the current request.
      #
      # A login is accepted in two cases:
      # 1. the password and the OTP are both correct
      # 2. the password is correct and the record does not require an OTP
      #
      # The OTP is checked first; the password check is then delegated to the
      # parent strategy through `super`.
      def authenticate!
        record = mapping.to.find_for_database_authentication(authentication_hash)

        # validate is handed the OTP check as a block; the parent's password
        # check is reached only when validate reports success.
        # NOTE(review): the OTP is validated and consumed before the password
        # is verified, and nothing in this file limits the number of attempts;
        # confirm that throttling or lockout is enforced elsewhere.
        otp_step_passed = validate(record) { validate_otp(record) }
        super if otp_step_passed

        # No matching record: in paranoid mode the generic :invalid message is
        # used in place of :not_found_in_database.
        unless record
          fail(Devise.paranoid ? :invalid : :not_found_in_database)
        end

        # A bad password makes the parent strategy halt the chain. Undo that
        # so the next strategy gets a chance when this one fails.
        @halted = false if @result == :failure
      end

      # Checks the OTP submitted with the login request.
      #
      # @param resource the record being authenticated
      # @return true when the record does not require an OTP, nil when no
      #   otp_attempt parameter was submitted, otherwise the result of
      #   validate_and_consume_otp!
      def validate_otp(resource)
        return true unless resource.otp_required_for_login

        scoped_params = params[scope]
        submitted_code = scoped_params['otp_attempt'] unless scoped_params.nil?
        return if submitted_code.nil?

        # The value is forwarded exactly as it arrived in the request
        # parameters; its type is not checked here.
        resource.validate_and_consume_otp!(submitted_code)
      end
    end
  end
end

# Register the strategy class with Warden under the
# :two_factor_authenticatable label.
Warden::Strategies.add(
  :two_factor_authenticatable,
  Devise::Strategies::TwoFactorAuthenticatable
)

Version data entries

3 entries across 3 versions & 1 rubygems

Version Path
devise-two-factor-6.1.0 lib/devise_two_factor/strategies/two_factor_authenticatable.rb
devise-two-factor-6.0.0 lib/devise_two_factor/strategies/two_factor_authenticatable.rb
devise-two-factor-5.1.0 lib/devise_two_factor/strategies/two_factor_authenticatable.rb