Class: Booth::Requests::Sudo
- Inherits:
-
Object
- Object
- Booth::Requests::Sudo
- Includes:
- Logging
- Defined in:
- lib/booth/requests/sudo.rb
Instance Method Summary collapse
- #guard_with_otp {|Tron.success(:otp_sudo_needed, step: :sudo, public_message:)| ... } ⇒ Object
-
#guard_with_password {|Tron.success(:password_sudo_needed, step: :sudo, public_message:)| ... } ⇒ Object
Guards.
- #guard_with_webauth {|Tron.success(:webauth_sudo_needed, step: :sudo, public_message:)| ... } ⇒ Object
-
#initialize(scope:, request:) ⇒ Sudo
constructor
A new instance of Sudo.
- #lifespan ⇒ Object
- #mode ⇒ Object
- #otp! ⇒ Object
- #otp? ⇒ Boolean
-
#password! ⇒ Object
Setters.
-
#password? ⇒ Boolean
Getters.
- #webauth! ⇒ Object
- #webauth? ⇒ Boolean
- #webauthn_challenge ⇒ Object
- #webauthn_challenge=(new_challenge) ⇒ Object
Constructor Details
#initialize(scope:, request:) ⇒ Sudo
Returns a new instance of Sudo.
6 7 8 9 |
# File 'lib/booth/requests/sudo.rb', line 6 def initialize(scope:, request:) @scope = scope @request = request end |
Instance Method Details
#guard_with_otp {|Tron.success(:otp_sudo_needed, step: :sudo, public_message:)| ... } ⇒ Object
30 31 32 33 34 35 36 37 |
# File 'lib/booth/requests/sudo.rb', line 30 def guard_with_otp raise unless block_given? return if otp? debug { 'You need OTP sudo' } = I18n.t('booth.otp_sudo_timeout', lifespan_minutes: (lifespan / 60)) yield Tron.success(:otp_sudo_needed, step: :sudo, public_message:) end |
#guard_with_password {|Tron.success(:password_sudo_needed, step: :sudo, public_message:)| ... } ⇒ Object
Guards
21 22 23 24 25 26 27 28 |
# File 'lib/booth/requests/sudo.rb', line 21 def guard_with_password raise unless block_given? return if password? debug { 'You need password sudo' } = I18n.t('booth.password_sudo_timeout', lifespan_minutes: (lifespan / 60)) yield Tron.success(:password_sudo_needed, step: :sudo, public_message:) end |
#guard_with_webauth {|Tron.success(:webauth_sudo_needed, step: :sudo, public_message:)| ... } ⇒ Object
39 40 41 42 43 44 45 46 |
# File 'lib/booth/requests/sudo.rb', line 39 def guard_with_webauth raise unless block_given? return if webauth? debug { 'You need Webauth sudo' } = I18n.t('booth.webauth_sudo_timeout', lifespan_minutes: (lifespan / 60)) yield Tron.success(:webauth_sudo_needed, step: :sudo, public_message:) end |
#lifespan ⇒ Object
15 16 17 |
# File 'lib/booth/requests/sudo.rb', line 15 def lifespan ::Booth.config.interaction_timeout end |
#mode ⇒ Object
11 12 13 |
# File 'lib/booth/requests/sudo.rb', line 11 def mode request.authentication.mode.to_sym end |
#otp! ⇒ Object
82 83 84 85 |
# File 'lib/booth/requests/sudo.rb', line 82 def otp! debug { "Remembering sudo via OTP has been granted in scope #{scope}" } session[:otp] = Time.current.to_i end |
#otp? ⇒ Boolean
57 58 59 60 61 62 |
# File 'lib/booth/requests/sudo.rb', line 57 def otp? return true if session[:otp].to_i > lifespan.ago.to_i session[:otp] = nil false end |
#password! ⇒ Object
Setters
77 78 79 80 |
# File 'lib/booth/requests/sudo.rb', line 77 def password! debug { "Remembering sudo via password has been granted in scope #{scope}" } session[:password] = Time.current.to_i end |
#password? ⇒ Boolean
Getters
50 51 52 53 54 55 |
# File 'lib/booth/requests/sudo.rb', line 50 def password? return true if session[:password].to_i > lifespan.ago.to_i session[:password] = nil false end |
#webauth! ⇒ Object
87 88 89 90 |
# File 'lib/booth/requests/sudo.rb', line 87 def webauth! debug { "Remembering sudo via WebAuth has been granted in scope #{scope}" } session[:webauth] = Time.current.to_i end |
#webauth? ⇒ Boolean
64 65 66 67 68 69 |
# File 'lib/booth/requests/sudo.rb', line 64 def webauth? return true if session[:webauth].to_i > lifespan.ago.to_i session[:webauth] = nil false end |
#webauthn_challenge ⇒ Object
71 72 73 |
# File 'lib/booth/requests/sudo.rb', line 71 def webauthn_challenge session[:webauthn_challenge].presence end |
#webauthn_challenge=(new_challenge) ⇒ Object
92 93 94 95 96 97 98 99 |
# File 'lib/booth/requests/sudo.rb', line 92 def webauthn_challenge=(new_challenge) if new_challenge debug { "Persisting webauth challenge #{new_challenge.inspect} in sudo session for scope #{scope.inspect}" } else debug { "Removing webauth challenge from sudo session for scope #{scope.inspect}" } end session[:webauthn_challenge] = new_challenge.presence end |