Sha256: dbfd117fa683676bf6233bc05547952f5801ae82ac3baee0869697289b5e6472

Contents?: true

Size: 732 Bytes

Versions: 5

Compression:

Stored size: 732 Bytes

Contents

# frozen_string_literal: true

module QuoVadis
  class TwofasController < QuoVadisController
    before_action :require_password_authentication

    def show
      @recovery_codes_count = account.recovery_codes.count
    end

    def destroy
      account.totp&.destroy
      account.recovery_codes.delete_all
      account.sessions.each &:reset_authenticated_with_second_factor  # OWASP ASV v4.0, 2.8.6
      qv.log account, Log::TWOFA_DEACTIVATED
      QuoVadis.notify :twofa_deactivated_notification, email: authenticated_model.email
      redirect_to twofa_path, notice: QuoVadis.translate('flash.2fa.invalidated'), status: :see_other
    end

    private

    def account
      authenticated_model.qv_account
    end
  end
end

Version data entries

5 entries across 5 versions & 1 rubygems

Version Path
quo_vadis-2.2.4 app/controllers/quo_vadis/twofas_controller.rb
quo_vadis-2.2.2 app/controllers/quo_vadis/twofas_controller.rb
quo_vadis-2.2.1 app/controllers/quo_vadis/twofas_controller.rb
quo_vadis-2.2.0 app/controllers/quo_vadis/twofas_controller.rb
quo_vadis-2.1.11 app/controllers/quo_vadis/twofas_controller.rb