Sha256: e5425d6d5d75eaffc6c3e415d8247156b8aae49d615477d3adfb9d2ad5f86eb7
Contents?: true
Size: 1.83 KB
Versions: 14
Compression:
Stored size: 1.83 KB
Contents
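module RailsBase
  # Second step of login: the user has a pending-MFA token in the session and
  # must submit the code that was sent to them before `sign_in` is called.
  #
  # Every action is gated by `validate_token`, which loads @token_verifier from
  # session[:mfa_randomized_token] and redirects to the login page when the
  # verifier reports failure.
  #
  # NOTE(review): `validate_token` is defined as a public method, so Rails
  # treats it as a potential action. It is left public here to keep the class
  # interface unchanged; consider moving it under `private` if nothing outside
  # the class calls it.
  class MfaAuthController < ApplicationController
    before_action :validate_token, only: [:mfa_code, :mfa_code_verify, :resend_mfa]

    # GET /mfa_verify
    #
    # Shows the code-entry page. Only the masked phone number is exposed to the
    # view; the user is looked up from the id carried by the session token.
    def mfa_code
      @masked_phone = User.find(@token_verifier.user_id).masked_phone
    end

    # POST /mfa_verify
    #
    # Validates the submitted code for the user bound to the session token.
    # On failure, redirects to the URL and message supplied by MfaValidator.
    # On success, records the MFA login, signs the user in and redirects to the
    # authenticated root.
    #
    # NOTE(review): no limit on wrong-code attempts is visible in this
    # controller; confirm MfaValidator enforces one.
    def mfa_code_verify
      mfa_validity = RailsBase::Authentication::MfaValidator.call(params: params, session_mfa_user_id: @token_verifier.user_id)
      if mfa_validity.failure?
        redirect_to(mfa_validity.redirect_url, alert: mfa_validity.message)
        return
      end

      mfa_validity.user.set_last_mfa_login!
      sign_in(mfa_validity.user)
      # The pending-MFA token has served its purpose. Drop it so the MFA
      # endpoints stop accepting this session once the user is signed in,
      # mirroring how resend_mfa clears it when the flow is abandoned.
      session[:mfa_randomized_token] = nil
      redirect_to RailsBase.url_routes.authenticated_root_path, notice: "Welcome #{mfa_validity.user.full_name}"
    end

    # POST — the original route comment repeats /mfa_verify here, which looks
    # like a copy-paste; confirm the actual path against the routes file.
    #
    # Sends a fresh MFA code and re-issues the session token with the SAME
    # expiry as the current one, so resending does not extend the MFA window.
    # If sending fails, the session token is cleared and the user is sent back
    # to the login page.
    #
    # NOTE(review): every call triggers a send and no throttle is visible here;
    # confirm SendLoginMfaToUser rate-limits resends.
    def resend_mfa
      user = User.find(@token_verifier.user_id)
      mfa_token = RailsBase::Authentication::SendLoginMfaToUser.call(user: user)
      if mfa_token.failure?
        flash[:error] = mfa_token.message
        session[:mfa_randomized_token] = nil
        # NOTE(review): `email:` is given to redirect_to rather than to the
        # path helper, so it does not appear to reach the login URL — confirm
        # the intent before changing it.
        redirect_to RailsBase.url_routes.new_user_session_path, email: params.dig(:user, :email), alert: mfa_token.message
        return
      end

      expired_at = Time.zone.parse(@token_verifier.expires_at)
      session[:mfa_randomized_token] = RailsBase::Authentication::MfaSetEncryptToken.call(user: user, expires_at: expired_at).encrypted_val
      redirect_to RailsBase.url_routes.mfa_code_path, notice: "MFA has been sent via SMS to number on file"
    end

    # before_action callback: verifies the pending-MFA token held in the
    # session and stores the result in @token_verifier for the actions.
    #
    # When verification fails, the redirect issued here halts the callback
    # chain, so the gated action never runs. Returns nil on success and false
    # after redirecting.
    def validate_token
      @token_verifier = RailsBase::Authentication::SessionTokenVerifier.call(mfa_randomized_token: session[:mfa_randomized_token])
      return if @token_verifier.success?

      redirect_to RailsBase.url_routes.new_user_session_path, alert: @token_verifier.message
      false
    end
  end
end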
Version data entries
14 entries across 14 versions & 1 rubygems