Contents

class TwoFactorAuthentication::ChallengesController < ApplicationController
  skip_before_action :authenticate

  before_action :set_user

  def new
  end

  def create
    @totp = ROTP::TOTP.new(@user.otp_secret, issuer: "YourAppName")

    if @totp.verify(params[:code], drift_behind: 15)
      session = @user.sessions.create!
      cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }

      redirect_to root_path, notice: "Signed in successfully"
    else
      redirect_to new_two_factor_authentication_challenge_path(token: params[:token]), alert: "That code didn't work. Please try again"
    end
  end

  private
    def set_user
      @user = User.find_signed!(params[:token], purpose: :authentication_challenge)
    rescue
      redirect_to sign_in_path, alert: "That's taking too long. Please re-enter your password and try again"
    end
end

Version data entries

35 entries across 35 versions & 1 rubygems

Version	Path
authentication-zero-2.16.15	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.14	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.13	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.12	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.11	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.10	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.9	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.8	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.7	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.6	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.5	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.4	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.3	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.2	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.1	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.16.0	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.15.9	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.15.8	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.15.7	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
authentication-zero-2.15.6	lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt