Sha256: c85702df98904ad311d0330d97389e20566dda9c1425849029964718eb2c97f7
Contents?: true
Size: 1.37 KB
Versions: 3
Compression:
Stored size: 1.37 KB
Contents
# frozen_string_literal: true
module QuoVadis
class RecoveryCodesController < ApplicationController
before_action :require_password_authentication
def index
@codes = flash[:recovery_codes]
@recovery_code_count = account.recovery_codes.count
end
def challenge
end
def authenticate
if account.recovery_codes.detect { |rc| rc.authenticate_code params[:code] }
qv.log account, Log::RECOVERY_CODE_SUCCESS
qv.replace_session
qv.session_authenticated_with_second_factor
reset_totp
redirect_to qv.path_after_authentication,
notice: QuoVadis.translate('flash.recovery_code.success',
count: account.recovery_codes.count)
else
qv.log account, Log::RECOVERY_CODE_FAILURE
flash.now[:alert] = QuoVadis.translate('flash.recovery_code.unverified')
render :challenge
end
end
def generate
qv.log account, Log::RECOVERY_CODE_GENERATE
QuoVadis.notify :recovery_codes_generation_notification, email: authenticated_model.email
account.recovery_codes.delete_all
flash[:recovery_codes] = account.generate_recovery_codes
redirect_to quo_vadis.recovery_codes_path
end
private
def account
authenticated_model.qv_account
end
def reset_totp
account.totp&.destroy
end
end
end
Version data entries
3 entries across 3 versions & 1 rubygems