Module: Devise::Models::TwoFactorable
- Extended by:
- ActiveSupport::Concern
- Defined in:
- lib/devise_two_factorable/models/two_factorable.rb
Defined Under Namespace
Modules: ClassMethods
Instance Method Summary collapse
- #disable_otp! ⇒ Object
- #enable_otp! ⇒ Object
- #generate_otp_challenge!(expires = nil) ⇒ Object
- #next_otp_recovery_tokens(number = self.class.otp_recovery_tokens) ⇒ Object
- #otp_challenge_valid? ⇒ Boolean
- #otp_provisioning_identifier ⇒ Object
- #otp_provisioning_uri ⇒ Object
- #recovery_otp ⇒ Object
- #reset_otp_credentials ⇒ Object
- #reset_otp_credentials! ⇒ Object
- #reset_otp_persistence ⇒ Object
- #reset_otp_persistence! ⇒ Object
- #time_based_otp ⇒ Object
- #validate_otp_recovery_token(token) ⇒ Object (also: #valid_otp_recovery_token?)
- #validate_otp_time_token(token) ⇒ Object (also: #valid_otp_time_token?)
- #validate_otp_token(token, recovery = false) ⇒ Object (also: #valid_otp_token?)
Instance Method Details
#disable_otp! ⇒ Object
73 74 75 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 73 def disable_otp! update_attributes!(otp_enabled: false, otp_enabled_on: nil) end |
#enable_otp! ⇒ Object
67 68 69 70 71 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 67 def enable_otp! reset_otp_credentials! if otp_persistence_seed.nil? update_attributes!(otp_enabled: true, otp_enabled_on: Time.now) end |
#generate_otp_challenge!(expires = nil) ⇒ Object
77 78 79 80 81 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 77 def generate_otp_challenge!(expires = nil) update_attributes!(otp_session_challenge: SecureRandom.hex, otp_challenge_expires: DateTime.now + (expires || self.class.otp_authentication_timeout)) otp_session_challenge end |
#next_otp_recovery_tokens(number = self.class.otp_recovery_tokens) ⇒ Object
102 103 104 105 106 107 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 102 def next_otp_recovery_tokens(number = self.class.otp_recovery_tokens) (otp_recovery_counter..otp_recovery_counter + number).inject({}) do |h, index| h[index] = recovery_otp.at(index) h end end |
#otp_challenge_valid? ⇒ Boolean
83 84 85 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 83 def otp_challenge_valid? (otp_challenge_expires.nil? || otp_challenge_expires > Time.now) end |
#otp_provisioning_identifier ⇒ Object
38 39 40 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 38 def otp_provisioning_identifier email end |
#otp_provisioning_uri ⇒ Object
34 35 36 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 34 def otp_provisioning_uri time_based_otp.provisioning_uri(otp_provisioning_identifier) end |
#recovery_otp ⇒ Object
30 31 32 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 30 def recovery_otp @recovery_otp ||= ROTP::HOTP.new(otp_recovery_secret) end |
#reset_otp_credentials ⇒ Object
42 43 44 45 46 47 48 49 50 51 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 42 def reset_otp_credentials @time_based_otp = nil @recovery_otp = nil generate_otp_auth_secret reset_otp_persistence update_attributes!(otp_enabled: false, otp_session_challenge: nil, otp_challenge_expires: nil, otp_recovery_counter: 0) end |
#reset_otp_credentials! ⇒ Object
53 54 55 56 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 53 def reset_otp_credentials! reset_otp_credentials save! end |
#reset_otp_persistence ⇒ Object
58 59 60 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 58 def reset_otp_persistence generate_otp_persistence_seed end |
#reset_otp_persistence! ⇒ Object
62 63 64 65 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 62 def reset_otp_persistence! reset_otp_persistence save! end |
#time_based_otp ⇒ Object
26 27 28 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 26 def time_based_otp @time_based_otp ||= ROTP::TOTP.new(otp_auth_secret, issuer: (self.class.otp_issuer || Rails.application.class.parent_name).to_s) end |
#validate_otp_recovery_token(token) ⇒ Object Also known as: valid_otp_recovery_token?
109 110 111 112 113 114 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 109 def validate_otp_recovery_token(token) recovery_otp.verify(token, otp_recovery_counter).tap do self.otp_recovery_counter += 1 save! end end |
#validate_otp_time_token(token) ⇒ Object Also known as: valid_otp_time_token?
96 97 98 99 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 96 def validate_otp_time_token(token) return false if token.blank? validate_otp_token_with_drift(token) end |
#validate_otp_token(token, recovery = false) ⇒ Object Also known as: valid_otp_token?
87 88 89 90 91 92 93 |
# File 'lib/devise_two_factorable/models/two_factorable.rb', line 87 def validate_otp_token(token, recovery = false) if recovery validate_otp_recovery_token token else validate_otp_time_token token end end |