Sha256: a7bb17250c828c200f4d5bcaeac4f5ea1a57e7e4e2fde8664701c51f95bc724b

Contents?: true

Size: 1007 Bytes

Versions: 3

Compression:

Stored size: 1007 Bytes

Contents

module Devise
  module Strategies
    class TwoFactorAuthenticatable < Devise::Strategies::DatabaseAuthenticatable

      def authenticate!
        resource = mapping.to.find_for_database_authentication(authentication_hash)
        # We authenticate in two cases:
        # 1. The password and the OTP are correct
        # 2. The password is correct, and OTP is not required for login
        # We check the OTP, then defer to DatabaseAuthenticatable
        if validate(resource) { !resource.otp_required_for_login ||
                                resource.valid_otp?(params[scope]['otp_attempt']) }
          super
        end

        fail(:not_found_in_database) unless resource

        # We want to cascade to the next strategy if this one fails,
        # but database authenticatable automatically halts on a bad password
        @halted = false if @result == :failure
      end
    end
  end
end

Warden::Strategies.add(:two_factor_authenticatable, Devise::Strategies::TwoFactorAuthenticatable)

Version data entries

3 entries across 3 versions & 1 rubygems

Version Path
devise-two-factor-1.0.2 lib/devise_two_factor/strategies/two_factor_authenticatable.rb
devise-two-factor-1.0.1 lib/devise_two_factor/strategies/two_factor_authenticatable.rb
devise-two-factor-1.0.0 lib/devise_two_factor/strategies/two_factor_authenticatable.rb