Module: DeviseTwoFactorable::Controllers::Helpers
- Defined in:
- lib/devise_two_factorable/helpers.rb,
lib/devise_two_factorable/controllers/helpers.rb
Instance Method Summary collapse
- #authenticate_scope! ⇒ Object
-
#ensure_resource! ⇒ Object
Sanity check for resource validity.
-
#is_otp_trusted_device_for?(resource) ⇒ Boolean
is the current browser trusted?.
-
#needs_credentials_refresh?(resource) ⇒ Boolean
check if the resource needs a credentials refresh.
-
#otp_authenticator_token_image(resource) ⇒ Object
returns the URL for the QR Code to initialize the Authenticator device.
-
#otp_clear_trusted_device_for(_resource) ⇒ Object
make the current browser NOT trusted.
- #otp_fetch_refresh_return_url ⇒ Object
-
#otp_refresh_credentials_for(resource) ⇒ Object
credentials are refreshed.
-
#otp_reset_persistence_for(resource) ⇒ Object
clears the persistence list for this kind of resource.
- #otp_scoped_persistence_cookie ⇒ Object
- #otp_scoped_refresh_property ⇒ Object
- #otp_scoped_refresh_return_url_property ⇒ Object
-
#otp_set_flash_message(key, kind, options = {}) ⇒ Object
similar to DeviseController#set_flash_message, but sets the scope inside the otp controller.
- #otp_set_refresh_return_url ⇒ Object
-
#otp_set_trusted_device_for(resource) ⇒ Object
make the current browser trusted.
- #otp_t ⇒ Object
- #recovery_enabled? ⇒ Boolean
- #trusted_devices_enabled? ⇒ Boolean
Instance Method Details
#authenticate_scope! ⇒ Object
7 8 9 10 |
# File 'lib/devise_two_factorable/helpers.rb', line 7 def authenticate_scope! send(:"authenticate_#{resource_name}!", force: true) self.resource = send("current_#{resource_name}") end |
#ensure_resource! ⇒ Object
Sanity check for resource validity
39 40 41 |
# File 'lib/devise_two_factorable/helpers.rb', line 39 def ensure_resource! raise ArgumentError, 'Should not happen' if resource.nil? end |
#is_otp_trusted_device_for?(resource) ⇒ Boolean
is the current browser trusted?
67 68 69 70 71 72 73 74 75 |
# File 'lib/devise_two_factorable/helpers.rb', line 67 def is_otp_trusted_device_for?(resource) return false unless resource.class.otp_trust_persistence if [].present? .signed[] == [resource.to_key, resource.authenticatable_salt, resource.otp_persistence_seed] else false end end |
#needs_credentials_refresh?(resource) ⇒ Boolean
check if the resource needs a credentials refresh. IE, they need to be asked a password again to access this resource.
49 50 51 52 53 54 |
# File 'lib/devise_two_factorable/helpers.rb', line 49 def needs_credentials_refresh?(resource) return false unless resource.class.otp_credentials_refresh (!session[otp_scoped_refresh_property].present? || (session[otp_scoped_refresh_property] < DateTime.now)).tap { |need| otp_set_refresh_return_url if need } end |
#otp_authenticator_token_image(resource) ⇒ Object
returns the URL for the QR Code to initialize the Authenticator device
127 128 129 130 131 132 133 |
# File 'lib/devise_two_factorable/helpers.rb', line 127 def otp_authenticator_token_image(resource) data = resource.otp_provisioning_uri qrcode = RQRCode::QRCode.new(data, level: :m, mode: :byte_8bit) png = qrcode.as_png(fill: 'white', color: 'black', border_modules: 1, module_px_size: 4) url = "data:image/png;base64,#{Base64.encode64(png.to_s).strip}" image_tag(url, alt: 'OTP Authenticator QRCode') end |
#otp_clear_trusted_device_for(_resource) ⇒ Object
make the current browser NOT trusted
112 113 114 |
# File 'lib/devise_two_factorable/helpers.rb', line 112 def otp_clear_trusted_device_for(_resource) .delete() end |
#otp_fetch_refresh_return_url ⇒ Object
93 94 95 |
# File 'lib/devise_two_factorable/helpers.rb', line 93 def otp_fetch_refresh_return_url session.delete(otp_scoped_refresh_return_url_property) { :root } end |
#otp_refresh_credentials_for(resource) ⇒ Object
credentials are refreshed
59 60 61 62 |
# File 'lib/devise_two_factorable/helpers.rb', line 59 def otp_refresh_credentials_for(resource) return false unless resource.class.otp_credentials_refresh session[otp_scoped_refresh_property] = (Time.now + resource.class.otp_credentials_refresh) end |
#otp_reset_persistence_for(resource) ⇒ Object
clears the persistence list for this kind of resource
119 120 121 122 |
# File 'lib/devise_two_factorable/helpers.rb', line 119 def otp_reset_persistence_for(resource) otp_clear_trusted_device_for(resource) resource.reset_otp_persistence! end |
#otp_scoped_persistence_cookie ⇒ Object
105 106 107 |
# File 'lib/devise_two_factorable/helpers.rb', line 105 def "otp_#{resource_name}_device_trusted" end |
#otp_scoped_refresh_property ⇒ Object
101 102 103 |
# File 'lib/devise_two_factorable/helpers.rb', line 101 def otp_scoped_refresh_property "otp_#{resource_name}refresh_after".to_sym end |
#otp_scoped_refresh_return_url_property ⇒ Object
97 98 99 |
# File 'lib/devise_two_factorable/helpers.rb', line 97 def otp_scoped_refresh_return_url_property "otp_#{resource_name}refresh_return_url".to_sym end |
#otp_set_flash_message(key, kind, options = {}) ⇒ Object
similar to DeviseController#set_flash_message, but sets the scope inside the otp controller
16 17 18 19 20 21 22 23 |
# File 'lib/devise_two_factorable/helpers.rb', line 16 def (key, kind, = {}) [:scope] ||= "devise.two_factor.#{controller_name}" [:default] = Array([:default]).unshift(kind.to_sym) [:resource_name] = resource_name = () if respond_to?(:devise_i18n_options, true) = I18n.t("#{[:resource_name]}.#{kind}", ) flash[key] = if .present? end |
#otp_set_refresh_return_url ⇒ Object
89 90 91 |
# File 'lib/devise_two_factorable/helpers.rb', line 89 def otp_set_refresh_return_url session[otp_scoped_refresh_return_url_property] = request.fullpath end |
#otp_set_trusted_device_for(resource) ⇒ Object
make the current browser trusted
80 81 82 83 84 85 86 87 |
# File 'lib/devise_two_factorable/helpers.rb', line 80 def otp_set_trusted_device_for(resource) return unless resource.class.otp_trust_persistence .signed[] = { httponly: true, expires: Time.now + resource.class.otp_trust_persistence, value: [resource.to_key, resource.authenticatable_salt, resource.otp_persistence_seed] } end |
#otp_t ⇒ Object
25 26 |
# File 'lib/devise_two_factorable/helpers.rb', line 25 def otp_t end |
#recovery_enabled? ⇒ Boolean
32 33 34 |
# File 'lib/devise_two_factorable/helpers.rb', line 32 def recovery_enabled? resource_class.otp_recovery_tokens && (resource_class.otp_recovery_tokens > 0) end |
#trusted_devices_enabled? ⇒ Boolean
28 29 30 |
# File 'lib/devise_two_factorable/helpers.rb', line 28 def trusted_devices_enabled? resource.class.otp_trust_persistence && (resource.class.otp_trust_persistence > 0) end |