Class: CASino::SessionsController

Inherits:

ApplicationController

• Object
• ApplicationController
• ApplicationController
• CASino::SessionsController

Includes:

AuthenticationProcessor, SessionsHelper, TwoFactorAuthenticatorProcessor

Defined in:

app/controllers/casino/sessions_controller.rb

Constant Summary

Constants included from ServiceTicketProcessor

CASino::ServiceTicketProcessor::RESERVED_CAS_PARAMETER_KEYS

Instance Method Summary

• #create ⇒ Object
• #destroy ⇒ Object
• #destroy_others ⇒ Object
• #index ⇒ Object
• #logout ⇒ Object
• #new ⇒ Object
• #validate_otp ⇒ Object

Methods included from TwoFactorAuthenticatorProcessor

#validate_one_time_password

Methods included from AuthenticationProcessor

#authenticators, #load_user_data, #validate_login_credentials

Methods included from SessionsHelper

#create_login_attempt, #current_ticket_granting_ticket, #current_ticket_granting_ticket?, #current_user, #ensure_signed_in, #log_failed_login, #set_tgt_cookie, #sign_in, #sign_out, #signed_in?

Methods included from ServiceTicketProcessor

#acquire_service_ticket, #clean_service_url, #service_allowed?, #ticket_valid_for_service?, #validate_ticket_for_service

Methods included from TicketGrantingTicketProcessor

#acquire_ticket_granting_ticket, #cleanup_expired_ticket_granting_tickets, #find_valid_ticket_granting_ticket, #load_or_initialize_user, #remove_ticket_granting_ticket

Methods included from BrowserProcessor

#browser_info, #same_browser?

Methods inherited from ApplicationController

#cookies

Instance Method Details

#create ⇒ Object

# File 'app/controllers/casino/sessions_controller.rb', line 23

def create
  validation_result = validate_login_credentials(params[:username], params[:password])
  if !validation_result
    log_failed_login params[:username]
    show_login_error I18n.t('login_credential_acceptor.invalid_login_credentials')
  else
    sign_in(validation_result, long_term: params[:rememberMe], credentials_supplied: true)
  end
end

#destroy ⇒ Object

# File 'app/controllers/casino/sessions_controller.rb', line 33

def destroy
  tickets = current_user.ticket_granting_tickets.where(id: params[:id])
  tickets.first.destroy if tickets.any?
  redirect_to sessions_path
end

#destroy_others ⇒ Object

# File 'app/controllers/casino/sessions_controller.rb', line 39

def destroy_others
  current_user
    .ticket_granting_tickets
    .where('id != ?', current_ticket_granting_ticket.id)
    .destroy_all if signed_in?
  redirect_to params[:service] || sessions_path
end

#index ⇒ Object

# File 'app/controllers/casino/sessions_controller.rb', line 11

def index
  @ticket_granting_tickets = current_user.ticket_granting_tickets.active
  @two_factor_authenticators = current_user.two_factor_authenticators.active
  @login_attempts = current_user.login_attempts.order(created_at: :desc).first(5)
end

#logout ⇒ Object

# File 'app/controllers/casino/sessions_controller.rb', line 47

def logout
  sign_out
  @url = params[:url]
  if params[:service].present? && service_allowed?(params[:service])
    redirect_to params[:service], status: :see_other
  end
end

#new ⇒ Object

# File 'app/controllers/casino/sessions_controller.rb', line 17

def new
  tgt = current_ticket_granting_ticket
  return handle_signed_in(tgt) unless params[:renew] || tgt.nil?
  redirect_to(params[:service]) if params[:gateway] && params[:service].present?
end

#validate_otp ⇒ Object

# File 'app/controllers/casino/sessions_controller.rb', line 55

def validate_otp
  validation_result = validate_one_time_password(params[:otp], @ticket_granting_ticket.user.active_two_factor_authenticator)
  return flash.now[:error] = I18n.t('validate_otp.invalid_otp') unless validation_result.success?
  @ticket_granting_ticket.update_attribute(:awaiting_two_factor_authentication, false)
  set_tgt_cookie(@ticket_granting_ticket)
  handle_signed_in(@ticket_granting_ticket)
end