Class: DeviseOtp::Devise::OtpCredentialsController
- Inherits:
-
DeviseController
- Object
- DeviseController
- DeviseOtp::Devise::OtpCredentialsController
- Defined in:
- app/controllers/devise_otp/devise/otp_credentials_controller.rb
Instance Method Summary collapse
-
#get_refresh ⇒ Object
displays the request for a credentials refresh.
-
#set_refresh ⇒ Object
lets the user through is the refresh is valid.
-
#show ⇒ Object
show a request for the OTP token.
-
#update ⇒ Object
signs the resource in, if the OTP token is valid and the user has a valid challenge.
Instance Method Details
#get_refresh ⇒ Object
displays the request for a credentials refresh
61 62 63 64 |
# File 'app/controllers/devise_otp/devise/otp_credentials_controller.rb', line 61 def get_refresh ensure_resource! render :refresh end |
#set_refresh ⇒ Object
lets the user through is the refresh is valid
69 70 71 72 73 74 75 76 77 |
# File 'app/controllers/devise_otp/devise/otp_credentials_controller.rb', line 69 def set_refresh ensure_resource! if resource.valid_password?(params[resource_name][:refresh_password]) done_valid_refresh else failed_refresh end end |
#show ⇒ Object
show a request for the OTP token
12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
# File 'app/controllers/devise_otp/devise/otp_credentials_controller.rb', line 12 def show @challenge = params[:challenge] @recovery = (params[:recovery] == "true") && recovery_enabled? if @challenge.nil? redirect_to :root else self.resource = resource_class.find_valid_otp_challenge(@challenge) if resource.nil? redirect_to :root elsif @recovery @recovery_count = resource.otp_recovery_counter render :show else render :show end end end |
#update ⇒ Object
signs the resource in, if the OTP token is valid and the user has a valid challenge
34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
# File 'app/controllers/devise_otp/devise/otp_credentials_controller.rb', line 34 def update resource = resource_class.find_valid_otp_challenge(params[resource_name][:challenge]) recovery = (params[resource_name][:recovery] == "true") && recovery_enabled? token = params[resource_name][:token] if token.blank? (:alert, :token_blank) redirect_to otp_credential_path_for(resource_name, challenge: params[resource_name][:challenge], recovery: recovery) elsif resource.nil? (:alert, :otp_session_invalid) redirect_to new_session_path(resource_name) elsif resource.otp_challenge_valid? && resource.validate_otp_token(params[resource_name][:token], recovery) sign_in(resource_name, resource) otp_set_trusted_device_for(resource) if params[:enable_persistence] == "true" otp_refresh_credentials_for(resource) respond_with resource, location: after_sign_in_path_for(resource) else :alert, :token_invalid redirect_to new_session_path(resource_name) end end |